Kubernetes 1.19.0——服务的发布

原创

gz_naldo

修改于 2020-10-30 11:24:14

6800

修改于 2020-10-30 11:24:14

文章被收录于专栏：CloudComputingCloudComputing

所谓发布指的是，如何让集群之外的主机能访问服务

Cluster-IP只有集群内部可访问（图中命令显示只能通过80端口访问）

SVC并不是所有协议都能访问

NodePort

为某个服务配置了NodePort，此NodePort会在所有节点上映射

[root@vms61 chap9-svc]# kubectl expose --name=svc1 deployment web1 --port=80 --target-port=80 --type=NodePort
service/svc1 exposed
[root@vms61 chap9-svc]# kubectl get svc
NAME   TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
svc1   NodePort   10.100.69.97   <none>        80:32217/TCP   3s

[root@vms61 chap9-svc]# kubectl expose --name=svc1 deployment web1 --port=80 --target-port=80
service/svc1 exposed
[root@vms61 chap9-svc]# kubectl edit svc svc1
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2020-10-07T04:31:13Z"
  labels:
    aa: bb
  name: svc1
  namespace: chap9-svc
  resourceVersion: "723282"
  selfLink: /api/v1/namespaces/chap9-svc/services/svc1
  uid: 4d758411-58ce-440d-82a0-595bb0b1d16f
spec:
  clusterIP: 10.107.137.53
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app2: web2
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

LoadBalancer

访问https://metallb.universe.tf/installation/

下载下来

Ingress（推荐）

docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.21.0

[root@vms61 chap9-svc]# ls
blog.yaml  mandatory.yaml  web1.yaml
[root@vms61 chap9-svc]# grep image mandatory.yaml 
          image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.21.0
[root@vms61 chap9-svc]# kubectl apply -f mandatory.yaml 
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRole is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRole
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
Warning: rbac.authorization.k8s.io/v1beta1 Role is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 Role
role.rbac.authorization.k8s.io/nginx-ingress-role created
Warning: rbac.authorization.k8s.io/v1beta1 RoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 RoleBinding
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
deployment.apps/nginx-ingress-controller created

[root@vms61 chap9-svc]# kubectl get deploy -n ingress-nginx 
NAME                       READY   UP-TO-DATE   AVAILABLE   AGE
nginx-ingress-controller   1/1     1            1           23m
[root@vms61 chap9-svc]# kubectl expose --name=ingress deployment nginx-ingress-controller --port=80 --type=NodePort -n ingress-nginx 
service/ingress exposed

[root@vms61 chap9-svc]# kubectl run pod1 --image=nginx --image-pull-policy=IfNotPresent
pod/pod1 created
[root@vms61 chap9-svc]# kubectl run pod2 --image=nginx --image-pull-policy=IfNotPresent
pod/pod2 created
[root@vms61 chap9-svc]# kubectl run pod3 --image=nginx --image-pull-policy=IfNotPresent
pod/pod3 created
[root@vms61 chap9-svc]# kubectl exec -it pod1 -- bash
root@pod1:/# echo 11111 > /usr/share/nginx/html/index.html 
root@pod1:/# exit
exit
[root@vms61 chap9-svc]# kubectl exec -it pod2 -- bash
root@pod2:/# echo 22222 > /usr/share/nginx/html/index.html 
root@pod2:/# exit
exit
[root@vms61 chap9-svc]# kubectl exec -it pod3 -- bash
root@pod3:/# mkdir /usr/share/nginx/html/app
root@pod3:/# echo 33333 > /usr/share/nginx/html/index.html 
root@pod3:/# echo app > /usr/share/nginx/html/app/index.html
root@pod3:/# exit
exit

[root@vms61 chap9-svc]# kubectl expose --name=svc1 pod pod1 --port=80
service/svc1 exposed
[root@vms61 chap9-svc]# kubectl expose --name=svc2 pod pod2 --port=80
service/svc2 exposed
[root@vms61 chap9-svc]# kubectl expose --name=svc3 pod pod3 --port=80
service/svc3 exposed

[root@vms61 chap9-svc]# cat ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: myingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: www1.aa.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          serviceName: svc1
          servicePort: 80
  - host: www2.aa.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          serviceName: svc2
          servicePort: 80
[root@vms61 chap9-svc]# kubectl apply -f ingress.yaml 
Warning: networking.k8s.io/v1beta1 Ingress is deprecated in v1.19+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
ingress.networking.k8s.io/myingress configured
[root@vms61 chap9-svc]# kubectl get svc -n ingress-nginx 
NAME      TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
ingress   NodePort   10.102.22.173   <none>        80:31256/TCP   79m
[root@vms61 chap9-svc]# curl www1.aa.com:31256
11111
[root@vms61 chap9-svc]# curl www2.aa.com:31256
22222

原创声明：本文系作者授权腾讯云开发者社区发表，未经许可，不得转载。

如有侵权，请联系 cloudcommunity@tencent.com 删除。