33. Service Lab Walkthrough
Published: 2022-12-25 14:30:55 Editor: 雪饮
Step1
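The previous post introduced headless Services. So how do you reach a headless Service, given that it has no Service IP (ClusterIP)?
dig is a handy tool for DNS lookups, such as ordinary A-record queries. Install the package that provides it: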
yum install bind-utils
Pick any coredns pod that is in the Running state:
[root@k8s-master01 ~]# kubectl get pod -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-5c98db65d4-9thzq 1/1 Running 8 11d 10.224.0.11 k8s-master01 <none> <none>
Then query the A record of our headless Service against that CoreDNS pod:
[root@k8s-master01 ~]# dig -t A myapp-headless.default.svc.cluster.local. @10.224.0.11
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.10 <<>> -t A myapp-headless.default.svc.cluster.local. @10.224.0.11
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29144
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myapp-headless.default.svc.cluster.local. IN A
;; ANSWER SECTION:
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.1.122
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.2.111
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.1.123
;; Query time: 0 msec
;; SERVER: 10.224.0.11#53(10.224.0.11)
;; WHEN: 日 12月 25 13:52:48 CST 2022
;; MSG SIZE rcvd: 237
The answer section contains 3 records,
and they correspond one-to-one to these 3 pods:
[root@k8s-master01 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-6cc7c66999-92mfh 1/1 Running 1 4d15h 10.224.1.122 k8s-node01 <none> <none>
myapp-deploy-6cc7c66999-vnxqv 1/1 Running 1 4d15h 10.224.1.123 k8s-node01 <none> <none>
myapp-deploy-6cc7c66999-x5rgr 1/1 Running 1 4d15h 10.224.2.111 k8s-node02 <none> <none>
This proves that although a headless Service has no ClusterIP, it can still be reached through its domain name.
Step2
Create the YAML template for the NodePort Service:
[root@k8s-master01 ~]# cat node_port.yaml
apiVersion: v1
kind: Service
metadata:
  name: myapp
  namespace: default
spec:
  type: NodePort
  selector:
    app: myapp
    release: stabel
  ports:
  - name: http
    port: 80
    targetPort: 80
Then create the NodePort Service:
[root@k8s-master01 ~]# kubectl apply -f node_port.yaml
service/myapp configured
Once it is created, the Service list shows the node port:
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
myapp NodePort 10.101.243.120 <none> 80:30821/TCP 4d15h
myapp-headless ClusterIP None <none> 80/TCP 4d15h
It seems to be associated with the pods through the name:
[root@k8s-master01 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-deploy-6cc7c66999-92mfh 1/1 Running 1 4d15h
myapp-deploy-6cc7c66999-vnxqv 1/1 Running 1 4d15h
myapp-deploy-6cc7c66999-x5rgr 1/1 Running 1 4d15h
At this point port 30821 can be reached on every node, for example:
On the master, this port is open:
[root@k8s-master01 ~]# netstat -anpt | grep :30821
tcp6 0 0 :::30821 :::* LISTEN 3371/kube-proxy
The same on node 1:
[root@k8s-node01 ~]# netstat -anpt | grep :30821
tcp6 0 0 :::30821 :::* LISTEN 2384/kube-proxy
And likewise on node 2:
[root@k8s-node02 ~]# netstat -anpt | grep :30821
tcp6 0 0 :::30821 :::* LISTEN 2226/kube-proxy
The scheduling rule also shows up in ipvsadm on the master:
[root@k8s-master01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.66.10:30821 rr
-> 10.224.1.122:80 Masq 1 0 0
-> 10.224.1.123:80 Masq 1 0 0
-> 10.224.2.111:80 Masq 1 0 0
Note that the output of ipvsadm may differ from node to node.
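The check done by hand in this step, as an added example that is not part of the original post: it cross-references the NodePort mappings from `kubectl get svc` with the kube-proxy sockets from `netstat`, so every port that answers on all node addresses is listed. The sample input is copied from the output above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Sample input copied from the command output on this page.
SVC_TABLE='NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
myapp NodePort 10.101.243.120 <none> 80:30821/TCP 4d15h
myapp-headless ClusterIP None <none> 80/TCP 4d15h'
NETSTAT='tcp6 0 0 :::30821 :::* LISTEN 3371/kube-proxy'

# list_nodeports (hypothetical helper): read a `kubectl get svc` table on
# stdin and print "service nodePort proto" for every NodePort mapping.
list_nodeports() {
  awk 'NR > 1 && $2 == "NodePort" {
    n = split($5, maps, ",")              # e.g. "80:30821/TCP,443:31443/TCP"
    for (i = 1; i <= n; i++) {
      split(maps[i], pp, "/")             # pp[1]="80:30821", pp[2]="TCP"
      split(pp[1], ports, ":")            # ports[2] is the node port
      if (ports[2] != "") print $1, ports[2], pp[2]
    }
  }'
}

# wildcard_listeners (hypothetical helper): read `netstat -anpt` lines on
# stdin and print the ports kube-proxy listens on for every local address.
wildcard_listeners() {
  awk '$6 == "LISTEN" && $7 ~ /kube-proxy$/ {
    n = split($4, part, ":"); port = part[n]
    addr = substr($4, 1, length($4) - length(port) - 1)
    if (addr == "::" || addr == "0.0.0.0") print port
  }'
}

# audit_nodeports SVC_TABLE NETSTAT_OUTPUT: one finding per NodePort mapping.
audit_nodeports() {
  listeners=$(printf '%s\n' "$2" | wildcard_listeners)
  printf '%s\n' "$1" | list_nodeports | while read -r svc port proto; do
    if printf '%s\n' "$listeners" | grep -qx "$port"; then
      echo "$svc $port/$proto listening on all node addresses"
    else
      echo "$svc $port/$proto no wildcard kube-proxy listener in this capture"
    fi
  done
}

audit_nodeports "$SVC_TABLE" "$NETSTAT"
```

Ports reported as listening on all node addresses are the ones host firewall rules need to cover; kube-proxy's `--nodeport-addresses` option can restrict which node addresses serve them.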
Step3
Create the YAML template for the ExternalName Service:
[root@k8s-master01 ~]# cat ex.yaml
kind: Service
apiVersion: v1
metadata:
  name: my-service-1
  namespace: default
spec:
  type: ExternalName
  externalName: hub.atguigu.com
Then create the ExternalName Service:
[root@k8s-master01 ~]# kubectl create -f ex.yaml
service/my-service-1 created
The new Service now appears in the list:
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
my-service-1 ExternalName <none> hub.atguigu.com <none> 2m27s
myapp NodePort 10.101.243.120 <none> 80:30821/TCP 4d16h
myapp-headless ClusterIP None <none> 80/TCP 4d15h
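The important point is that EXTERNAL-IP shows not an IP address but the Harbor domain name we configured in the ExternalName YAML template.
We can resolve it with dig against the same CoreDNS pod used in Step1. Although the query asks for an A record, the answer is actually an alias: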
[root@k8s-master01 ~]# dig -t A my-service-1.default.svc.cluster.local. @10.224.0.11
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.10 <<>> -t A my-service-1.default.svc.cluster.local. @10.224.0.11
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16235
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;my-service-1.default.svc.cluster.local. IN A
;; ANSWER SECTION:
my-service-1.default.svc.cluster.local. 30 IN CNAME hub.atguigu.com.
;; Query time: 2002 msec
;; SERVER: 10.224.0.11#53(10.224.0.11)
;; WHEN: 日 12月 25 14:28:21 CST 2022
;; MSG SIZE rcvd: 134
In effect, this is a DNS alias (CNAME) operation.
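The two DNS checks from Step1 and Step3, as an added example that is not part of the original post: it confirms that the headless Service's A records equal the IPs of the running pods, and it lists CNAME targets that point outside cluster.local. The sample input is copied from the dig and kubectl output above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Sample input copied from the command output on this page.
HEADLESS_DIG=';; ANSWER SECTION:
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.1.122
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.2.111
myapp-headless.default.svc.cluster.local. 30 IN A 10.224.1.123
;; Query time: 0 msec'
EXTERNAL_DIG=';; QUESTION SECTION:
;my-service-1.default.svc.cluster.local. IN A
;; ANSWER SECTION:
my-service-1.default.svc.cluster.local. 30 IN CNAME hub.atguigu.com.'
POD_TABLE='NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-6cc7c66999-92mfh 1/1 Running 1 4d15h 10.224.1.122 k8s-node01 <none> <none>
myapp-deploy-6cc7c66999-vnxqv 1/1 Running 1 4d15h 10.224.1.123 k8s-node01 <none> <none>
myapp-deploy-6cc7c66999-x5rgr 1/1 Running 1 4d15h 10.224.2.111 k8s-node02 <none> <none>'

# answers TYPE (hypothetical helper): read dig output on stdin and print the
# rdata of every record of that type, sorted. Lines starting with ";" are
# dig comments (including the echoed question) and are skipped.
answers() {
  awk -v t="$1" '$0 !~ /^;/ && $3 == "IN" && $4 == t { print $5 }' | sort
}

# headless_matches_pods DIG_OUTPUT POD_TABLE: succeed only when the A records
# are non-empty and identical to the IPs of the Running pods.
headless_matches_pods() {
  dns=$(printf '%s\n' "$1" | answers A)
  pods=$(printf '%s\n' "$2" | awk 'NR > 1 && $3 == "Running" { print $6 }' | sort)
  [ -n "$dns" ] && [ "$dns" = "$pods" ]
}

# cname_outside_cluster DIG_OUTPUT: print CNAME targets that leave the
# cluster domain, which is how an ExternalName Service answers.
cname_outside_cluster() {
  printf '%s\n' "$1" | answers CNAME | grep -v '\.cluster\.local\.$'
}

headless_matches_pods "$HEADLESS_DIG" "$POD_TABLE" && echo "A records match running pods"
cname_outside_cluster "$EXTERNAL_DIG"
```

An ExternalName target is resolved outside the cluster, so comparing the printed names with an approved list shows where in-cluster clients are being sent.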