service基础概念和操作

sevice概念介绍

service的实现强烈依赖于kube-DNS组件 新版本k8s安装的是core-DNS

因为每个pod是有生命周期的 为了给客户端访问pod提供一个固定的访问端点

service是客户端和pod服务端之间的一个中间层       service的名称解析是强依赖于dns服务的

集群网络种类介绍

pod网络和node网络的地址是一个实际的网络地址   是有对应的网络设备的(包括硬件和软件模拟出的网络设备)

service网络(集群网络)   是一个虚拟的IP地址 仅仅是iptables或者ipvs的转发规则   不存在对应的网络设备

service的三种实现模式

1.用户空间模式
       请求先经过内核再转给kube-proxy进程最后转回给内核
   2.内核iptables规则
   3.内核ipvs规则

新增或者删除一个符合标签选择器的pod后 pod信息会提交给apiserver保存到etcd中 kube-proxy一直watch着apiserver里面的数据信息

一旦检测到变化会立即实时生成对应的ipvs转发规则  使外部的请求可以转发到对应的pod上
   service ports字段说明

nodePort  》节点网络端口          port 》 service网络端口               targetPort 》pod网络端口

service资源记录解析规则

总体格式   SVC_NAME.NS_NAME.DOMAIN.LTD.       集群后缀名为 svc.cluster.local.

如  redis.default.svc.cluster.local.

redis是创建的service名称   .default是redis service所在的名称空间    .svc.cluster.local.是k8s集群默认添加的后缀

service种类

无头service

定义service的时候把clusterIP设置为None 就代表是无头service
      在集群内部做dns解析的时候直接把service名称解析为对应pod的ip列表

apiVersion: v1
kind: Service
metadata:
  name: myappless
  namespace: default
spec:
  selector:
    app: myapp
  clusterIP: None
  type: ClusterIP
  ports:
  -  port:
     targetPort: 

headless_svc.yaml

有头service

如果是有头service的话 dns解析service名称的时候返回的是clusterIP 再由clusterIP通过DNAT到后端各个podIP之上

apiVersion: v1
kind: Service
metadata:
  name: myapp
  namespace: default
spec:
  selector:
    app: myapp
  clusterIP: 10.96.97.97
  type: ClusterIP
  ports:
  -  port:
     targetPort: 

head_svc.yaml

两种不同的service解析结果对比

[root@k8s-master ~]# kubectl get pods -o wide
NAME                            READY     STATUS    RESTARTS   AGE       IP             NODE
myapp-deploy-67f6f6b4dc-248mn   /       Running             11m       10.244.2.71    node3
myapp-deploy-67f6f6b4dc-5kzk4   /       Running             11m       10.244.1.147   node2
myapp-deploy-67f6f6b4dc-cglrb   /       Running             11m       10.244.2.70    node3
myapp-deploy-67f6f6b4dc-fsgrz   /       Running             11m       10.244.2.69    node3
myapp-deploy-67f6f6b4dc-l5bd7   /       Running             11m       10.244.1.146   node2
[root@k8s-master ~]# kubectl get svc -n kube-system
NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE
kube-dns   ClusterIP   10.96.0.10   <none>        /UDP,/TCP   233d

[root@k8s-master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1     <none>        /TCP   233d
myapp        ClusterIP   10.96.97.97   <none>        /TCP    3m
myappless    ClusterIP   None          <none>        /TCP    12s

#无头service直接解析到对应的pod上
[root@k8s-master ~]# dig -t A myappless.default.svc.cluster.local. @10.96.0.10

; <<>> DiG 9.9.-RedHat-9.9.-.el7_6 <<>> -t A myappless.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
;; flags: qr aa rd ra; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL: 

;; OPT PSEUDOSECTION:
; EDNS: version: , flags:; udp:
;; QUESTION SECTION:
;myappless.default.svc.cluster.local. IN    A

;; ANSWER SECTION:
myappless.default.svc.cluster.local.  IN A    10.244.1.146
myappless.default.svc.cluster.local.  IN A    10.244.1.147
myappless.default.svc.cluster.local.  IN A    10.244.2.69
myappless.default.svc.cluster.local.  IN A    10.244.2.70
myappless.default.svc.cluster.local.  IN A    10.244.2.71

;; Query time:  msec
;; SERVER: 10.96.0.10#(10.96.0.10)
;; WHEN: Mon May  :: CST
;; MSG SIZE  rcvd: 

#有头service解析到clusterIp上
[root@k8s-master ~]# dig -t A myapp.default.svc.cluster.local. @10.96.0.10

; <<>> DiG 9.9.-RedHat-9.9.-.el7_6 <<>> -t A myapp.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
;; flags: qr aa rd ra; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL: 

;; OPT PSEUDOSECTION:
; EDNS: version: , flags:; udp:
;; QUESTION SECTION:
;myapp.default.svc.cluster.local. IN    A

;; ANSWER SECTION:
myapp.default.svc.cluster.local.  IN    A    10.96.97.97

;; Query time:  msec
;; SERVER: 10.96.0.10#(10.96.0.10)
;; WHEN: Mon May  :: CST
;; MSG SIZE  rcvd: 

[root@k8s-master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        /TCP        230d
myapp        NodePort    10.100.165.177   <none>        :/TCP   5m
[root@k8s-master ~]# kubectl run client --image=busybox --restart=Never -it /bin/sh
If you don't see a command prompt, try pressing enter.
/ # wget -O -q http://myapp.default:80
Connecting to myapp.default: (10.100.165.177:)
-q                   % |*****************************************|      :: ETA
/ # wget -O  - -q http://myapp.default:80
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O  - -q http://myapp.default:80
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

[root@k8s-master ~]# wget -O - -q http://myappd.default:80/hostname.html
[root@k8s-master ~]# kubectl get pods
NAME                     READY     STATUS    RESTARTS   AGE
client                   /       Running             46m
myapp-6865459dff-c59qp   /       Running             1h
myapp-6865459dff-zd6wg   /       Running             10m
[root@k8s-master ~]# kubectl exec -it client /bin/sh
/ # wget -O - -q http://myapp.default:80/hostname.html
myapp-6865459dff-zd6wg

pod和pods deployment和deployments都可以
[root@k8s-master ~]# kubectl get deployment
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
myapp                                              1h
[root@k8s-master ~]# kubectl get deployments
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
myapp                        

service常用命令