K8S中Service详解(二)

元气满满的热码式2025-01-24 18:25

Service类型

  • Service的资源清单文件:
bash 复制代码 
---
kind: Service # 资源类型
apiVersion: v1 # 资源版本
metadata: # 元数据
  name: service # 资源名称
  namespace: dev # 命名空间
spec: # 描述
  selector: # 标签选择器,用于确定当前service代理哪些pod
    app: nginx
  type: ClusterIP # Service类型,指定service的访问方式
  clusterIP: None # 虚拟服务的ip地址,设置为None表示创建Headless Service
  sessionAffinity: ClientIP # session亲和性,支持ClientIP、None两个选项
  ports: # 端口信息
    - protocol: TCP
      port: 3017 # service端口
      targetPort: 5003 # pod端口

  • ClusterIP

    • 默认类型。Kubernetes 为 Service 分配一个虚拟的 IP 地址(ClusterIP),这个 IP 只能在集群内部访问。

    • 适用于在集群内部提供服务发现和负载均衡,而不对外公开服务。

  • NodePort

    • 在集群的所有节点上打开一个静态端口(NodePort),外部可以通过任何节点的 IP 地址加这个端口来访问 Service。

    • 适用于需要从集群外部访问服务的场景,但不像 LoadBalancer 那样需要云服务提供商的支持。

  • LoadBalancer

    • 与 NodePort 类似,但会利用云服务提供商的负载均衡器来分发流量。

    • 适用于需要高可用性和可扩展性的场景,并且外部访问流量较大时推荐使用。

    • 注意:需要云服务商支持,并且可能涉及额外的费用。

  • ExternalName

    • 不分配 ClusterIP,而是将服务映射到一个外部的 DNS 名称。

    • 适用于将集群外部的服务(如数据库服务)映射到 Kubernetes 集群内部,使得集群内的服务可以像调用集群内的服务一样调用这些外部服务。

Service使用

环境准备

首先要安装ipvs:

bash 复制代码 
yum -y install ipset ipvsadm

cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

reboot

[root@k8s-master ~]# cat /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
[root@k8s-master ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
[root@k8s-master ~]# echo '{"registry-mirrors": ["https://docker.1ms.run"]}' | sudo tee /etc/docker/daemon.json > /dev/null
[root@k8s-master ~]# systemctl daemon-reload



[root@k8s-master ~]# systemctl restart docker
[root@k8s-master ~]# 
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl edit configmap kube-proxy -n kube-system    
#修改mode为"ipvs"
configmap/kube-proxy edited
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME                                       READY   STATUS      RESTARTS   AGE
calico-kube-controllers-697d846cf4-79hpj   0/1     Error       0          27d
calico-node-58ss2                          0/1     Running     1          27d
calico-node-gc547                          0/1     Completed   0          27d
calico-node-hdhxf                          0/1     Running     1          27d
coredns-6f6b8cc4f6-5nbb6                   0/1     Completed   0          27d
coredns-6f6b8cc4f6-q9rhc                   0/1     Completed   0          27d
etcd-k8s-master                            1/1     Running     1          27d
kube-apiserver-k8s-master                  1/1     Running     1          27d
kube-controller-manager-k8s-master         1/1     Running     1          27d
kube-proxy-7hp6l                           1/1     Running     1          27d
kube-proxy-ddhnb                           1/1     Running     1          27d
kube-proxy-dwcgd                           1/1     Running     1          27d
kube-scheduler-k8s-master                  1/1     Running     1          27d
[root@k8s-master ~]# kubectl delete pod -l k8s-app=kube-proxy -n kube-system
pod "kube-proxy-7hp6l" deleted
pod "kube-proxy-ddhnb" deleted
pod "kube-proxy-dwcgd" deleted
[root@k8s-master ~]# kubectl get pod -n kube-system -w
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-697d846cf4-79hpj   1/1     Running   1          27d
calico-node-58ss2                          1/1     Running   1          27d
calico-node-gc547                          1/1     Running   1          27d
calico-node-hdhxf                          1/1     Running   1          27d
coredns-6f6b8cc4f6-5nbb6                   1/1     Running   1          27d
coredns-6f6b8cc4f6-q9rhc                   1/1     Running   1          27d
etcd-k8s-master                            1/1     Running   1          27d
kube-apiserver-k8s-master                  1/1     Running   1          27d
kube-controller-manager-k8s-master         1/1     Running   1          27d
kube-proxy-2dlzz                           1/1     Running   0          3s
kube-proxy-8pplm                           1/1     Running   0          4s
kube-proxy-9sbf5                           1/1     Running   0          5s
kube-scheduler-k8s-master                  1/1     Running   1          27d
^C[root@k8s-master ~]ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.0.1:443 rr
  -> 192.168.58.231:6443          Masq    1      1          0         
TCP  10.96.0.10:53 rr
  -> 10.244.36.69:53              Masq    1      0          0         
  -> 10.244.36.70:53              Masq    1      0          0         
TCP  10.96.0.10:9153 rr
  -> 10.244.36.69:9153            Masq    1      0          0         
  -> 10.244.36.70:9153            Masq    1      0          0         
UDP  10.96.0.10:53 rr
  -> 10.244.36.69:53              Masq    1      0          0         
  -> 10.244.36.70:53              Masq    1      0          0
  • 创建三个Pod
bash 复制代码 
[root@k8s-master ~]# cat deployment.yaml 
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pc-deployment
  namespace: test
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx-pod
  template:
    metadata:
      labels:
        app: nginx-pod
    spec:
      containers:
      - name: nginx
        image: nginx:1.17.1
        ports:
        - containerPort: 80

[root@k8s-master ~]# kubectl get pods -n test -w
NAME                             READY   STATUS    RESTARTS   AGE
pc-deployment-5ffc5bf56c-4w9ps   1/1     Running   0          4m7s
pc-deployment-5ffc5bf56c-d765t   1/1     Running   1          4m7s
pc-deployment-5ffc5bf56c-h969g   1/1     Running   1          4m7s
^C[root@k8s-master ~]# kubectl get pod -n test --show-labels
NAME                             READY   STATUS    RESTARTS   AGE    LABELS
pc-deployment-7b7c9c7cfd-4m68g   1/1     Running   0          101s   app=nginx-pod,pod-template-hash=7b7c9c7cfd
pc-deployment-7b7c9c7cfd-ctdtf   1/1     Running   0          101s   app=nginx-pod,pod-template-hash=7b7c9c7cfd
pc-deployment-7b7c9c7cfd-gjn74   1/1     Running   0          102s   app=nginx-pod,pod-template-hash=7b7c9c7cfd


# 为了方便后面的测试,修改下三台nginx的index.html页面(三台修改的IP地址不一致)
[root@k8s-master ~]# kubectl exec -it pc-deployment-7b7c9c7cfd-4m68g -n test /bin/bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@pc-deployment-7b7c9c7cfd-4m68g:/#  echo "`hostname -I` web-01" > /usr/share/nginx/html/index.html
root@pc-deployment-7b7c9c7cfd-4m68g:/# exit
exit
root@pc-deployment-7b7c9c7cfd-ctdtf:/# cat /usr/share/nginx/html/index.html 
10.244.169.132  web-01

root@pc-deployment-7b7c9c7cfd-ctdtf:/#  echo "`hostname -I` web-02" > /usr/share/nginx/html/index.html  
root@pc-deployment-7b7c9c7cfd-ctdtf:/# exit
exit
[root@k8s-master ~]# curl 10.244.169.132
10.244.169.132  web-02
[root@k8s-master ~]# kubectl exec -it pc-deployment-7b7c9c7cfd-gjn74  -n test /bin/bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@pc-deployment-7b7c9c7cfd-gjn74:/#  echo "`hostname -I` web-03" > /usr/share/nginx/html/index.html

root@pc-deployment-7b7c9c7cfd-gjn74:/# exit
exit
command terminated with exit code 127
[root@k8s-master ~]# curl 10.244.36.80
10.244.36.80  web-03

ClusterIP类型的Service

bash 复制代码 
[root@k8s-master ~]# vim service-clusterip.yaml
[root@k8s-master ~]# kubectl apply -f service-clusterip.yaml 
service/svc-clusterip created
[root@k8s-master ~]#  kubectl get svc,pod -n test
NAME                    TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
service/svc-clusterip   ClusterIP   10.96.190.198   <none>        80/TCP    9s

NAME                                 READY   STATUS    RESTARTS   AGE
pod/pc-deployment-7b7c9c7cfd-4m68g   1/1     Running   0          26m
pod/pc-deployment-7b7c9c7cfd-ctdtf   1/1     Running   0          26m
pod/pc-deployment-7b7c9c7cfd-gjn74   1/1     Running   0          26m
[root@k8s-master ~]#  kubectl get svc,pod -n test -o wide
NAME                    TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE   SELECTOR
service/svc-clusterip   ClusterIP   10.96.190.198   <none>        80/TCP    49s   app=nginx-pod

NAME                                 READY   STATUS    RESTARTS   AGE   IP               NODE        NOMINATED NODE   READINESS GATES
pod/pc-deployment-7b7c9c7cfd-4m68g   1/1     Running   0          27m   10.244.36.81     k8s-node1   <none>           <none>
pod/pc-deployment-7b7c9c7cfd-ctdtf   1/1     Running   0          27m   10.244.169.132   k8s-node2   <none>           <none>
pod/pc-deployment-7b7c9c7cfd-gjn74   1/1     Running   0          27m   10.244.36.80     k8s-node1   <none>           <none>
[root@k8s-master ~]# kubectl describe svc svc-clusterip -n test
Name:              svc-clusterip
Namespace:         test
Labels:            <none>
Annotations:       <none>
Selector:          app=nginx-pod
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.190.198
IPs:               10.96.190.198
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.169.132:80,10.244.36.80:80,10.244.36.81:80
Session Affinity:  None
Events:            <none>
[root@k8s-master ~]# for ((i=1;i<=6;i++)) do  curl  10.96.190.198; done
10.244.36.81  web-01
10.244.36.80  web-03
10.244.169.132  web-02
10.244.36.81  web-01
10.244.36.80  web-03
10.244.169.132  web-02
[root@k8s-master ~]# ipvsadm -Ln | grep -A3  10.96.190.198:80 
TCP  10.96.190.198:80 rr
  -> 10.244.36.80:80              Masq    1      0          2         
  -> 10.244.36.81:80              Masq    1      0          2         
  -> 10.244.169.132:80            Masq    1      0          2         
[root@k8s-master ~]# ipvsadm -Ln 
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.0.1:443 rr
  -> 192.168.58.231:6443          Masq    1      4          0         
TCP  10.96.0.10:53 rr
  -> 10.244.36.77:53              Masq    1      0          0         
  -> 10.244.36.78:53              Masq    1      0          0         
TCP  10.96.0.10:9153 rr
  -> 10.244.36.77:9153            Masq    1      0          0         
  -> 10.244.36.78:9153            Masq    1      0          0         
TCP  10.96.190.198:80 rr
  -> 10.244.36.80:80              Masq    1      0          2         
  -> 10.244.36.81:80              Masq    1      0          2         
  -> 10.244.169.132:80            Masq    1      0          2         
UDP  10.96.0.10:53 rr
  -> 10.244.36.77:53              Masq    1      0          0         
  -> 10.244.36.78:53              Masq    1      0          0

Endpoint类型的Service

  • Endpoint是kubernetes中的一个资源对象,存储在etcd中,用来记录一个service对应的所有pod的访问地址,它是根据service配置文件中selector描述产生的。

  • 一个Service由一组Pod组成,这些Pod通过Endpoints暴露出来,Endpoints 是实现实际服务的端点集合。换句话说,service和pod之间的联系是通过endpoints实现的。

bash 复制代码 
[root@k8s-master ~]# kubectl get pod -n test -o  wide
NAME                             READY   STATUS    RESTARTS   AGE   IP               NODE        NOMINATED NODE   READINESS GATES
pc-deployment-7b7c9c7cfd-4m68g   1/1     Running   0          87m   10.244.36.81     k8s-node1   <none>           <none>
pc-deployment-7b7c9c7cfd-ctdtf   1/1     Running   0          87m   10.244.169.132   k8s-node2   <none>           <none>
pc-deployment-7b7c9c7cfd-gjn74   1/1     Running   0          87m   10.244.36.80     k8s-node1   <none>           <none>
[root@k8s-master ~]# kubectl get endpoints -n test
NAME            ENDPOINTS                                           AGE
svc-clusterip   10.244.169.132:80,10.244.36.80:80,10.244.36.81:80   62m
[root@k8s-master ~]#  for ((i=1;i<=6;i++)) do  curl 10.96.190.198; done
10.244.36.81  web-01
10.244.36.80  web-03
10.244.169.132  web-02
10.244.36.81  web-01
10.244.36.80  web-03
10.244.169.132  web-02
[root@k8s-master ~]# kubectl delete -f service-clusterip.yaml 
service "svc-clusterip" deleted
[root@k8s-master ~]# vim service-clusterip.yaml 
[root@k8s-master ~]# kubectl apply -f service-clusterip.yaml 
service/svc-clusterip created
[root@k8s-master ~]# kubectl get svc svc-clusterip -n test
NAME            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
svc-clusterip   ClusterIP   10.96.237.115   <none>        80/TCP    20s
[root@k8s-master ~]# kubectl get svc svc-clusterip -n test -o wide
NAME            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE   SELECTOR
svc-clusterip   ClusterIP   10.96.237.115   <none>        80/TCP    26s   app=nginx-pod
[root@k8s-master ~]# kubectl describe svc svc-clusterip -n test
Name:              svc-clusterip
Namespace:         test
Labels:            <none>
Annotations:       <none>
Selector:          app=nginx-pod
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.237.115
IPs:               10.96.237.115
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.169.132:80,10.244.36.80:80,10.244.36.81:80
Session Affinity:  ClientIP
Events:            <none>
[root@k8s-master ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.0.1:443 rr
  -> 192.168.58.231:6443          Masq    1      4          0         
TCP  10.96.0.10:53 rr
  -> 10.244.36.77:53              Masq    1      0          0         
  -> 10.244.36.78:53              Masq    1      0          0         
TCP  10.96.0.10:9153 rr
  -> 10.244.36.77:9153            Masq    1      0          0         
  -> 10.244.36.78:9153            Masq    1      0          0         
TCP  10.96.237.115:80 rr persistent 10800
  -> 10.244.36.80:80              Masq    1      0          0         
  -> 10.244.36.81:80              Masq    1      0          0         
  -> 10.244.169.132:80            Masq    1      0          0         
UDP  10.96.0.10:53 rr
  -> 10.244.36.77:53              Masq    1      0          0         
  -> 10.244.36.78:53              Masq    1      0          0         

[root@k8s-master ~]#  for ((i=1;i<=6;i++)) do  curl 10.96.237.115; done
10.244.36.81  web-01
10.244.36.81  web-01
10.244.36.81  web-01
10.244.36.81  web-01
10.244.36.81  web-01
10.244.36.81  web-01
相关推荐
ci0n25 分钟前
PVE安装DSM
linux·开源
开开心心就好28 分钟前
手机不同App音量自动调节软件
网络·windows·python·安全·智能手机·电脑·音视频
GalaxyPokemon35 分钟前
MySQL基础 [二] - 数据库基础
linux·网络·数据库·mysql
智联视频超融合平台44 分钟前
国网B接口注册流程详解以及注册失败原因(电网B接口)
网络·人工智能·后端·网络协议·安全·音视频·实时音视频
大白的编程日记.1 小时前
进程状态(运行 阻塞 僵尸)及其场景分析
linux·笔记
牛马大师兄1 小时前
Shell脚本编程之正则表达式
linux·运维·服务器·开发语言·ssh·bash·shell
曼岛_1 小时前
CentOS 7 强制升级Docker 24.x终极指南(解决MySQL8镜像兼容性问题)
linux·docker·centos
Richard20121 小时前
Linux Command Recap
linux·前端
W说编程1 小时前
《UNIX网络编程卷1:套接字联网API》第4章 基本TCP套接字编程
c语言·网络·网络协议·tcp/ip·架构·unix·tcp
互联网之声2 小时前
绿舟与亚马逊云科技达成全方位合作,助力出海品牌绿色可持续发展!
网络
热门推荐
01生活电子常识--删除谷歌浏览器搜索记录02我决定放弃搞 Java 了03如何在WPS和Word/Excel中直接使用DeepSeek功能04DeepSeek RAGFlow构建本地知识库系统05RAG 实践- Ollama+RagFlow 部署本地知识库06DeepSeek各版本说明与优缺点分析07门票问题(c++题解)08汽车上的各种质量:整备质量、总质量、装载质量、簧上质量、簧下质量09从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑10蓝桥杯真题演练:2023B组c/c++