Service basic concepts and operations

Service concepts

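       The implementation of Service depends heavily on the kube-dns component; newer versions of k8s install CoreDNS instead.

       Every pod has a lifecycle, so a Service exists to give clients a fixed endpoint for reaching pods.

       A Service is an intermediate layer between the client and the server-side pods. Service name resolution depends heavily on the DNS service.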

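Types of cluster network

      Pod network and node network addresses are real network addresses backed by corresponding network devices (both hardware devices and software-emulated ones).

      The service network (cluster network) uses virtual IP addresses that exist only as iptables or ipvs forwarding rules; there is no corresponding network device.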

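The three implementation modes of service

   1. Userspace mode
       A request first passes through the kernel, is handed to the kube-proxy process, and is finally handed back to the kernel.
   2. Kernel iptables rules
   3. Kernel ipvs rules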

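    After a pod matching the label selector is added or deleted, the pod information is submitted to the apiserver and stored in etcd. kube-proxy continuously watches the data in the apiserver.

    As soon as it detects a change, it immediately generates the corresponding ipvs forwarding rules in real time, so that external requests can be forwarded to the corresponding pods.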
service ports fields

       nodePort   -> port on the node network
       port       -> port on the service network
       targetPort -> port on the pod network
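A simplified model of the behaviour described above, added here as an example (it is not from the original page and is not kube-proxy's code): the forwarding table is recomputed from the service's three ports and the pods matching its selector. The service values come from the page's NodePort output; the node addresses and pod labels are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Service:
    cluster_ip: str
    port: int                        # service network port
    target_port: int                 # pod network port
    node_port: Optional[int] = None  # node network port (NodePort type only)
    selector: dict = field(default_factory=dict)

def backends(svc, pods):
    """podIP:targetPort for every pod whose labels match the selector."""
    return sorted(
        f"{p['ip']}:{svc.target_port}"
        for p in pods
        if all(p["labels"].get(k) == v for k, v in svc.selector.items())
    )

def forwarding_rules(svc, pods, node_ips):
    """Recompute the whole table, as done after each watch event."""
    dst = backends(svc, pods)
    rules = {f"{svc.cluster_ip}:{svc.port}": dst}
    if svc.node_port is not None:
        # A NodePort is opened on every node, not only nodes running a backend.
        for ip in node_ips:
            rules[f"{ip}:{svc.node_port}"] = dst
    return rules

# Values from the page's `kubectl get svc` output for the NodePort service.
MYAPP = Service("10.100.165.177", 80, 80, 32185, {"app": "myapp"})
# Constructed sample data: node addresses and pod labels are not on the page.
NODE_IPS = ["192.0.2.12", "192.0.2.13"]
PODS = [
    {"ip": "10.244.1.147", "labels": {"app": "myapp"}},
    {"ip": "10.244.2.71", "labels": {"app": "myapp"}},
    {"ip": "10.244.2.80", "labels": {"app": "other"}},
]

if __name__ == "__main__":
    print(forwarding_rules(MYAPP, PODS, NODE_IPS))
    # Simulate a pod deletion event: the table is rebuilt without that backend.
    print(forwarding_rules(MYAPP, PODS[1:], NODE_IPS))
```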

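Service resource record resolution rules

     General format: SVC_NAME.NS_NAME.DOMAIN.LTD.       The cluster suffix is svc.cluster.local.

     For example: redis.default.svc.cluster.local.

           redis is the name of the created service; .default is the namespace the redis service lives in; .svc.cluster.local. is the suffix the k8s cluster adds by default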

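Types of service

     Headless service

      Setting clusterIP to None when defining a service makes it a headless service.
      When DNS resolution is done inside the cluster, the service name resolves directly to the list of IPs of the corresponding pods.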

apiVersion: v1
kind: Service
metadata:
  name: myappless
  namespace: default
spec:
  selector:
    app: myapp
  clusterIP: None
  type: ClusterIP
  ports:
  -  port: 80
     targetPort: 80
headless_svc.yaml
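     Non-headless service (with a clusterIP)

     For a non-headless service, DNS resolution of the service name returns the clusterIP, and traffic to the clusterIP is then DNATed to the backend pod IPs.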

apiVersion: v1
kind: Service
metadata:
  name: myapp
  namespace: default
spec:
  selector:
    app: myapp
  clusterIP: 10.96.97.97
  type: ClusterIP
  ports:
  -  port: 80
     targetPort: 80
head_svc.yaml

Comparison of the resolution results of the two kinds of service

[root@k8s-master ~]# kubectl get pods -o wide
NAME                            READY     STATUS    RESTARTS   AGE       IP             NODE
myapp-deploy-67f6f6b4dc-248mn   1/1       Running   0          11m       10.244.2.71    node3
myapp-deploy-67f6f6b4dc-5kzk4   1/1       Running   0          11m       10.244.1.147   node2
myapp-deploy-67f6f6b4dc-cglrb   1/1       Running   0          11m       10.244.2.70    node3
myapp-deploy-67f6f6b4dc-fsgrz   1/1       Running   0          11m       10.244.2.69    node3
myapp-deploy-67f6f6b4dc-l5bd7   1/1       Running   0          11m       10.244.1.146   node2
[root@k8s-master ~]# kubectl get svc -n kube-system
NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE
kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP   233d



[root@k8s-master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1     <none>        443/TCP   233d
myapp        ClusterIP   10.96.97.97   <none>        80/TCP    3m
myappless    ClusterIP   None          <none>        80/TCP    12s


# A headless service resolves directly to the corresponding pods
[root@k8s-master ~]# dig -t A myappless.default.svc.cluster.local. @10.96.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> -t A myappless.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12827
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myappless.default.svc.cluster.local. IN    A

;; ANSWER SECTION:
myappless.default.svc.cluster.local. 5 IN A    10.244.1.146
myappless.default.svc.cluster.local. 5 IN A    10.244.1.147
myappless.default.svc.cluster.local. 5 IN A    10.244.2.69
myappless.default.svc.cluster.local. 5 IN A    10.244.2.70
myappless.default.svc.cluster.local. 5 IN A    10.244.2.71

;; Query time: 2 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Mon May 27 02:05:11 CST 2019
;; MSG SIZE  rcvd: 319


# A non-headless service resolves to the clusterIP
[root@k8s-master ~]# dig -t A myapp.default.svc.cluster.local. @10.96.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> -t A myapp.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40454
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myapp.default.svc.cluster.local. IN    A

;; ANSWER SECTION:
myapp.default.svc.cluster.local. 5 IN    A    10.96.97.97

;; Query time: 0 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Mon May 27 02:07:42 CST 2019
;; MSG SIZE  rcvd: 107
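The comparison above as a check that can be run over saved dig output; this is an added example, not part of the original post. It assumes the service range is 10.96.0.0/12 and the pod range is 10.244.0.0/16, which match the addresses shown on the page but are not stated there.

```python
import ipaddress
import re

# Assumed CIDRs (not stated on the page); they match the addresses shown above.
SERVICE_CIDR = ipaddress.ip_network("10.96.0.0/12")
POD_CIDR = ipaddress.ip_network("10.244.0.0/16")

# Constructed from the ANSWER sections shown above.
HEADLESS_ANSWER = """\
;; ANSWER SECTION:
myappless.default.svc.cluster.local. 5 IN A    10.244.1.146
myappless.default.svc.cluster.local. 5 IN A    10.244.1.147
myappless.default.svc.cluster.local. 5 IN A    10.244.2.69
"""
CLUSTERIP_ANSWER = "myapp.default.svc.cluster.local. 5 IN    A    10.96.97.97\n"

RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+A\s+(\S+)\s*$")
NAME = re.compile(r"^([a-z0-9-]+)\.([a-z0-9-]+)\.svc\.cluster\.local\.$")


def parse_answers(text):
    """Return (service, namespace, ip) for each A record line."""
    out = []
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            continue  # skip dig comment lines (";...") and blank lines
        n = NAME.match(m.group(1))
        if not n:
            raise ValueError(f"not a service record name: {m.group(1)}")
        out.append((n.group(1), n.group(2), ipaddress.ip_address(m.group(3))))
    return out


def classify(text):
    """'clusterip' if the name maps to one service-network address,
    'headless' if every answer is a pod address, else 'unknown'."""
    ips = [ip for _, _, ip in parse_answers(text)]
    if len(ips) == 1 and ips[0] in SERVICE_CIDR:
        return "clusterip"
    if ips and all(ip in POD_CIDR for ip in ips):
        return "headless"
    return "unknown"


if __name__ == "__main__":
    print(classify(HEADLESS_ANSWER), classify(CLUSTERIP_ANSWER))
```

A headless result means clients receive pod addresses and connect to them directly, without the clusterIP DNAT step.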
[root@k8s-master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        230d
myapp        NodePort    10.100.165.177   <none>        80:32185/TCP   5m
[root@k8s-master ~]# kubectl run client --image=busybox --restart=Never -it /bin/sh
If you don't see a command prompt, try pressing enter.
/ # wget -O -q http://myapp.default:80
Connecting to myapp.default:80 (10.100.165.177:80)
-q                   100% |*****************************************|    65  0:00:00 ETA
/ # wget -O  - -q http://myapp.default:80
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O  - -q http://myapp.default:80
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

[root@k8s-master ~]# wget -O - -q http://myappd.default:80/hostname.html
[root@k8s-master ~]# kubectl get pods
NAME                     READY     STATUS    RESTARTS   AGE
client                   1/1       Running   0          46m
myapp-6865459dff-c59qp   1/1       Running   0          1h
myapp-6865459dff-zd6wg   1/1       Running   0          10m
[root@k8s-master ~]# kubectl exec -it client /bin/sh
/ # wget -O - -q http://myapp.default:80/hostname.html
myapp-6865459dff-zd6wg

Both pod and pods, and both deployment and deployments, are accepted
[root@k8s-master ~]# kubectl get deployment
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
myapp     2         2         2            2           1h
[root@k8s-master ~]# kubectl get deployments
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
myapp     2         2         2 
Common service commands


Reposted from www.cnblogs.com/yxh168/p/10926945.html