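This article is part of the column "Learn k8s from Scratch".
Previous article: Kubernetes Core Technology: Service in Practice
This article continues with the material we did not finish in the previous chapter.
Service in Practice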
Creating a Service of type NodePort

1. Create the pod resource

```
[root@k8smaster service]# vim pod_nodeport.yaml
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx-nodeport
spec:
  selector:
    matchLabels:
      run: my-nginx-nodeport
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx-nodeport
    spec:
      containers:
      - name: my-nginx-nodeport-container
        image: nginx
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
```

```
# Apply the manifest
[root@k8smaster service]# kubectl apply -f pod_nodeport.yaml
deployment.apps/my-nginx-nodeport created
# Check that the pods were created
[root@k8smaster service]# kubectl get pods -l run=my-nginx-nodeport
NAME                                 READY   STATUS    RESTARTS   AGE
my-nginx-nodeport-5fccbb754b-jdj67   1/1     Running   0          19s
my-nginx-nodeport-5fccbb754b-w5f8l   1/1     Running   0          19s
```

2. Create the Service that proxies the pods

```
[root@xianchaomaster1 ~]# vim service_nodeport.yaml
```

```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-nginx-nodeport
  labels:
    run: my-nginx-nodeport
spec:
  type: NodePort
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
    nodePort: 30380
  selector:
    run: my-nginx-nodeport
```

```
# Apply the manifest
[root@k8smaster service]# kubectl apply -f service_nodeport.yaml
service/my-nginx-nodeport created
# View the Service that was just created
[root@k8smaster service]# kubectl get svc -l run=my-nginx-nodeport
NAME                TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
my-nginx-nodeport   NodePort   10.97.89.147   <none>        80:30380/TCP   111s
[root@k8smaster service]# kubectl get pods -o wide
NAME                                 READY   STATUS    RESTARTS   AGE     IP            NODE       NOMINATED
my-nginx-nodeport-5fccbb754b-jdj67   1/1     Running   0          9m14s   10.244.1.37   k8snode2   <none>
my-nginx-nodeport-5fccbb754b-w5f8l   1/1     Running   0          9m14s   10.244.2.38   k8snode    <none>
[root@k8smaster service]# kubectl describe svc my-nginx-nodeport
Name:                     my-nginx-nodeport
Namespace:                default
Labels:                   run=my-nginx-nodeport
Annotations:
Selector:                 run=my-nginx-nodeport
Type:                     NodePort
IP:                       10.97.89.147
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30380/TCP
Endpoints:                10.244.1.37:80,10.244.2.38:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>
```

The endpoint IPs are the same as the pod IPs.

```
# Access the Service
[root@k8smaster service]# curl 10.97.89.147
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
```

Note: 10.100.156.7 is the Service IP address internal to the k8s cluster. It can only be reached from inside the cluster, not from outside it. It is fine that everything uses port 80: there is no conflict, because a new IP is added to the firewall rules.

```
# Access the Service from outside the cluster
[root@k8smaster service]# curl 192.168.11.139:30380
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
```

The Service can also be accessed from a browser at the same address.
Request path
Client -> node IP:30380 -> Service IP:80 -> pod IP:container port
Client -> 192.168.11.139:30380 -> 10.97.89.147:80 -> pod IP:80
Creating a Service of type ExternalName

Use case: cross-namespace access.
Requirement: the client service in the default namespace needs to reach the nginx-svc service in the nginx-ns namespace.

Load the busybox image on node 1 and node 2:

```
docker load -i busybox.tar.gz
```

```
[root@k8smaster service]# vim client.yaml
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: client
spec:
  replicas: 1
  selector:
    matchLabels:
      app: busybox
  template:
    metadata:
      labels:
        app: busybox
    spec:
      containers:
      - name: busybox
        image: busybox
        imagePullPolicy: IfNotPresent
        command: ["/bin/sh","-c","sleep 36000"]
```

```
[root@k8smaster service]# kubectl apply -f client.yaml
deployment.apps/client created
[root@k8smaster service]# vim client_svc.yaml
```

```yaml
apiVersion: v1
kind: Service
metadata:
  name: client-svc
spec:
  type: ExternalName
  externalName: nginx-svc.nginx-ns.svc.cluster.local
  ports:
  - name: http
    port: 80
    targetPort: 80
```

This manifest defines an alias (like a symlink) to nginx-svc, so callers feel as if they are calling a service in their own namespace: requests to client-svc are directed to nginx-svc.nginx-ns.svc.cluster.local.

```
[root@k8smaster service]# kubectl apply -f client_svc.yaml
service/client-svc created
# Check that the pod is running normally
[root@k8smaster service]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
client-849cbd69b-76hcp   1/1     Running   0          5m22s
[root@k8smaster service]# kubectl describe svc client-svc
Name:              client-svc
Namespace:         default
Labels:            <none>
Annotations:
Selector:          <none>
Type:              ExternalName
IP:
External Name:     nginx-svc.nginx-ns.svc.cluster.local   # FQDN
Port:              http  80/TCP                           # the Service's own port
TargetPort:        80/TCP
Endpoints:         <none>                                 # empty because no selector is defined
Session Affinity:  None
Events:            <none>
# Create a new namespace and put the nginx resources in it
[root@k8smaster service]# kubectl create ns nginx-ns
namespace/nginx-ns created
[root@k8smaster service]# vim server_nginx.yaml
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  namespace: nginx-ns
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        imagePullPolicy: IfNotPresent
```

nginx exposes port 80 by default, so you can find the pod created by the Deployment controller and reach the nginx container running inside it.

```
[root@k8smaster service]# kubectl apply -f server_nginx.yaml
deployment.apps/nginx created
# Check that the pod was created
[root@k8smaster service]# kubectl get pods -n nginx-ns
NAME                     READY   STATUS    RESTARTS   AGE
nginx-5957f949fc-9nwbh   1/1     Running   0          10s
[root@xianchaomaster1 exter]# vim nginx_svc.yaml
```

```yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-svc
  namespace: nginx-ns
spec:
  selector:
    app: nginx
  ports:
  - name: http
    protocol: TCP
    port: 80
    targetPort: 80
```

```
[root@k8smaster service]# kubectl apply -f nginx_svc.yaml
service/nginx-svc created
[root@k8smaster service]# kubectl describe svc nginx-svc -n nginx-ns
Name:              nginx-svc
Namespace:         nginx-ns
Labels:            <none>
Annotations:
Selector:          app=nginx
Type:              ClusterIP
IP:                10.101.124.84
Port:              http  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.1.39:80
Session Affinity:  None
Events:            <none>
[root@k8smaster service]# kubectl get pods -o wide -n nginx-ns
NAME                     READY   STATUS    RESTARTS   AGE     IP            NODE
nginx-5957f949fc-9nwbh   1/1     Running   0          7m49s   10.244.1.39   k8snode2
[root@k8smaster service]# curl 10.101.124.84
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
```

The endpoint IP is the same as the pod IP: this Service uses its label selector to select the app=nginx pod, that is, the pod created from the second template.

```
# Log in to the client pod
[root@xianchaomaster1 exter]# kubectl exec -it client-849cbd69b-76hcp -- /bin/sh
/ # wget -q -O - client-svc.default.svc.cluster.local
/ # wget -q -O - nginx-svc.nginx-ns.svc.cluster.local
```

Both requests return the same result. This experiment covers the case where you want to use a fully qualified domain name in the default namespace to reach and communicate with a service in another namespace.
Example: mapping an external service

Referencing an external MySQL database from the k8s cluster

Install MySQL on node2:

```
[root@k8snode2 ~]# yum install mariadb-server.x86_64 -y
[root@k8snode2 ~]# systemctl start mariadb
[root@k8snode2 ~]# systemctl enable mariadb
[root@k8smaster ~]# mkdir mysql
[root@k8smaster ~]# cd mysql/
[root@k8smaster mysql]# vim mysql_service.yaml
```

```yaml
apiVersion: v1
kind: Service
metadata:
  name: mysql
spec:
  type: ClusterIP
  ports:
  - port: 3306
```

```
[root@k8smaster mysql]# kubectl apply -f mysql_service.yaml
service/mysql created
[root@k8smaster mysql]# kubectl get svc | grep mysql
mysql   ClusterIP   10.103.7.164   <none>   3306/TCP   4s
[root@k8smaster mysql]# kubectl describe svc mysql
Name:              mysql
Namespace:         default
Labels:            <none>
Annotations:
Selector:          <none>
Type:              ClusterIP
IP:                10.103.7.164
Port:              <unset>  3306/TCP
TargetPort:        3306/TCP
Endpoints:         <none>            # no endpoint yet
Session Affinity:  None
Events:            <none>
[root@k8smaster mysql]# vim mysql_endpoint.yaml
```

The Endpoints object must have the same name as the Service.

```yaml
apiVersion: v1
kind: Endpoints
metadata:
  name: mysql
subsets:
- addresses:
  - ip: 192.168.40.182
  ports:
  - port: 3306
```

```
[root@k8smaster mysql]# kubectl apply -f mysql_endpoint.yaml
endpoints/mysql created
[root@k8smaster mysql]# kubectl describe svc mysql
Name:              mysql
Namespace:         default
Labels:            <none>
Annotations:
Selector:          <none>
Type:              ClusterIP
IP:                10.103.7.164
Port:              <unset>  3306/TCP
TargetPort:        3306/TCP
Endpoints:         192.168.40.182:3306   # this is the external database defined above
Session Affinity:  None
Events:            <none>
```

Its fully qualified domain name is mysql.default.svc.cluster.local.
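The configuration above brings an external IP address and service into the k8s cluster (other nodes), with the Service acting as a proxy so that the external service can be reached.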