KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作

Posted 所得皆惊喜

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作相关的知识,希望对你有一定的参考价值。

①. Service服务发现ClusterIP方式

  • ①. Service:Pod的服务发现与负载均衡

  • ②. 有三个pods实例的nginx,进入到容器内部,对默认页面进行如下操作

cd /usr/share/nginx
echo "hello 111"->index.html
echo "hello 222"->index.html
echo "hello 333"->index.html

  • ③. 隐藏pod的端口和ip,暴露serviceip和端口,在集群内部进行访问
# 和下面命令等价kubectl expose deploy my-dep-01 --port=8000 --target-port=80 --type=ClusterIP
[root@k8smaster ~]# kubectl expose deployment my-dep-01 --port=8000 --target-port=80
[root@k8smaster ~]# kubectl get service
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP    7d15h
my-dep-01    ClusterIP   10.96.170.26   <none>        8000/TCP   2m12s
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 111-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 222-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 111-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 333-
[root@k8smaster ~]# curl 10.96.170.26:8000

  • ④. 如果说这个时候我们创部署一个前端的项目,前端项目可以通过域名的方式进行访问
    curl my-dep-01.default.svc:8000 (注意不能在浏览器中访问,也不能在集群不进入容器的方式进行访问)
  • ⑤. 通过yaml文件配置Service
    app: my-dep-01通过如下命令查询到的
[root@k8smaster ~]# kubectl get pod --show-labels
NAME                        READY   STATUS    RESTARTS   AGE   LABELS
my-dep-01-686cfb7bf-b2vbl   1/1     Running   0          55m   k8s-app=my-dep-01,pod-template-hash=686cfb7bf
my-dep-01-686cfb7bf-f9wdc   1/1     Running   0          55m   k8s-app=my-dep-01,pod-template-hash=686cfb7bf
my-dep-01-686cfb7bf-jdhqh   1/1     Running   0          55m   k8s-app=my-dep-01,pod-template-hash=686cfb7bf
apiVersion: v1
kind: Service
metadata:
  labels:
    app: my-dep
  name: my-dep
spec:
  selector:
    app: my-dep-01
  ports:
  - port: 8000
    protocol: TCP
    targetPort: 80

②. Service服务暴露NodePort方式

  • ①. NodePort命令行的方式
    kubectl expose deployment my-dep --port=8000 --target-port=80 --type=NodePort
    NodePort范围在 30000-32767之间
[root@k8smaster ~]# kubectl get deploy
NAME        READY   UP-TO-DATE   AVAILABLE   AGE
my-dep-01   3/3     3            3           21m
[root@k8smaster ~]# kubectl expose deploy my-dep-01 --port=8000 --target-port=80 --type=NodePort
service/my-dep-01 exposed
[root@k8smaster ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP          12d
my-dep-01    NodePort    10.96.235.249   <none>        8000:30267/TCP   5s
[root@k8smaster ~]# curl 10.96.235.249:8000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html  color-scheme: light dark; 
body  width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; 
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8smaster ~]# 

  • ②. yaml文件的方式
apiVersion: v1
kind: Service
metadata:
  labels:
    app: my-dep-01
  name: my-dep-01
spec:
  ports:
  - port: 8000
    protocol: TCP
    targetPort: 80
  selector:
    app: my-dep-01
  type: NodePort

③. Ingress的概述以安装

  • ①. Ingress是Service的统一网关入口,Service又是Pod统一的入口

  • ②. 安装Ingress
    kubect apply -f ingreess.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx

---
# Source: ingress-nginx/templates/controller-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    helm.sh/chart: ingress-nginx-3.33.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.47.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: controller
  name: ingress-nginx
  namespace: ingress-nginx
automountServiceAccountToken: true
---
# Source: ingress-nginx/templates/controller-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  labels:
    helm.sh/chart: ingress-nginx-3.33.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.47.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: controller
  name: ingress-nginx-controller
  namespace: ingress-nginx
data:
---
# Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    helm.sh/chart: ingress-nginx-3.33.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.47.0
    app.kubernetes.io/managed-by: Helm
  name: ingress-nginx
rules:
  - apiGroups:
      - ''
    resources:
      - configmaps
      - endpoints
      - nodes
      - pods
      - secrets
    verbs:
      - list
      - watch
  - apiGroups:
      - ''
    resources:
      - nodes
    verbs:
      - get
  - apiGroups:
      - ''
    resources:
      - services
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ''
    resources:
      - events
    verbs:
      - create
      - patch
  - apiGroups:
      - extensions
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingresses/status
    verbs:
      - update
  - apiGroups:
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingressclasses
    verbs:
      - get
      - list
      - watch
---
# Source: ingress-nginx/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    helm.sh/chart: ingress-nginx-3.33.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.47.0
    app.kubernetes.io/managed-by: Helm
  name: ingress-nginx
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ingress-nginx
subjects:
  - kind: ServiceAccount
    name: ingress-nginx
    namespace: ingress-nginx
---
# Source: ingress-nginx/templates/controller-role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    helm.sh/chart: ingress-nginx-3.33.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.47.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: controller
  name: ingress-nginx
  namespace: ingress-nginx
rules:
  - apiGroups:
      - ''
    resources:
      - namespaces
    verbs:
      - get
  - apiGroups:
      - ''
    resources:
      - configmaps
      - pods
      - secrets
      - endpoints
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ''
    resources:
      - services
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingresses/status
    verbs:
      - update
  - apiGroups:
      - networking.k8s.io   # k8s 1.14+
    resources:
      - ingressclasses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ''
    resources:
      - configmaps
    resourceNames:
      - ingress-controller-leader-nginx
    verbs:
      - get
      - update
  - apiGroups:
      - ''
    resources:
      - configmaps
    verbs:
      - create
  - apiGroups:
      - ''
    resources:
      - events
    verbs:
      - create
      - patch
---
# Source: ingress-nginx/templates/controller-rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    hel

以上是关于KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作的主要内容,如果未能解决你的问题,请参考以下文章

#yyds干货盘点#kubernetes入门基础-Service的概念以及相关操作

kubernetes_13_普通Service和无头Service

kubernetes组件_Service_普通Service和无头Service

Docker Kubernetes 服务发现原理详解

Kubernetes——Service(SVC)服务

Kubernetes-Service介绍-服务发现