KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作
Posted 所得皆惊喜
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作相关的知识,希望对你有一定的参考价值。
文章目录
①. Service服务发现ClusterIP方式
-
①. Service:Pod的服务发现与负载均衡
-
②. 有三个pods实例的nginx,进入到容器内部,对默认页面进行如下操作
cd /usr/share/nginx
echo "hello 111"->index.html
echo "hello 222"->index.html
echo "hello 333"->index.html
- ③. 隐藏pod的端口和ip,暴露serviceip和端口,在集群内部进行访问
# 和下面命令等价kubectl expose deploy my-dep-01 --port=8000 --target-port=80 --type=ClusterIP
[root@k8smaster ~]# kubectl expose deployment my-dep-01 --port=8000 --target-port=80
[root@k8smaster ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7d15h
my-dep-01 ClusterIP 10.96.170.26 <none> 8000/TCP 2m12s
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 111-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 222-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 111-
[root@k8smaster ~]# curl 10.96.170.26:8000
hello 333-
[root@k8smaster ~]# curl 10.96.170.26:8000
- ④. 如果说这个时候我们创部署一个前端的项目,前端项目可以通过域名的方式进行访问
curl my-dep-01.default.svc:8000 (注意不能在浏览器中访问,也不能在集群不进入容器的方式进行访问)
- ⑤. 通过yaml文件配置Service
app: my-dep-01通过如下命令查询到的
[root@k8smaster ~]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
my-dep-01-686cfb7bf-b2vbl 1/1 Running 0 55m k8s-app=my-dep-01,pod-template-hash=686cfb7bf
my-dep-01-686cfb7bf-f9wdc 1/1 Running 0 55m k8s-app=my-dep-01,pod-template-hash=686cfb7bf
my-dep-01-686cfb7bf-jdhqh 1/1 Running 0 55m k8s-app=my-dep-01,pod-template-hash=686cfb7bf
apiVersion: v1
kind: Service
metadata:
labels:
app: my-dep
name: my-dep
spec:
selector:
app: my-dep-01
ports:
- port: 8000
protocol: TCP
targetPort: 80
②. Service服务暴露NodePort方式
- ①. NodePort命令行的方式
kubectl expose deployment my-dep --port=8000 --target-port=80 --type=NodePort
NodePort范围在 30000-32767之间
[root@k8smaster ~]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
my-dep-01 3/3 3 3 21m
[root@k8smaster ~]# kubectl expose deploy my-dep-01 --port=8000 --target-port=80 --type=NodePort
service/my-dep-01 exposed
[root@k8smaster ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
my-dep-01 NodePort 10.96.235.249 <none> 8000:30267/TCP 5s
[root@k8smaster ~]# curl 10.96.235.249:8000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html color-scheme: light dark;
body width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8smaster ~]#
- ②. yaml文件的方式
apiVersion: v1
kind: Service
metadata:
labels:
app: my-dep-01
name: my-dep-01
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 80
selector:
app: my-dep-01
type: NodePort
③. Ingress的概述以安装
-
①. Ingress是Service的统一网关入口,Service又是Pod统一的入口
-
②. 安装Ingress
kubect apply -f ingreess.yaml
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
---
# Source: ingress-nginx/templates/controller-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx
namespace: ingress-nginx
automountServiceAccountToken: true
---
# Source: ingress-nginx/templates/controller-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx-controller
namespace: ingress-nginx
data:
---
# Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
name: ingress-nginx
rules:
- apiGroups:
- ''
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ''
resources:
- nodes
verbs:
- get
- apiGroups:
- ''
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io # k8s 1.14+
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- apiGroups:
- extensions
- networking.k8s.io # k8s 1.14+
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- networking.k8s.io # k8s 1.14+
resources:
- ingressclasses
verbs:
- get
- list
- watch
---
# Source: ingress-nginx/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
name: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ingress-nginx
subjects:
- kind: ServiceAccount
name: ingress-nginx
namespace: ingress-nginx
---
# Source: ingress-nginx/templates/controller-role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx
namespace: ingress-nginx
rules:
- apiGroups:
- ''
resources:
- namespaces
verbs:
- get
- apiGroups:
- ''
resources:
- configmaps
- pods
- secrets
- endpoints
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io # k8s 1.14+
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io # k8s 1.14+
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- networking.k8s.io # k8s 1.14+
resources:
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- configmaps
resourceNames:
- ingress-controller-leader-nginx
verbs:
- get
- update
- apiGroups:
- ''
resources:
- configmaps
verbs:
- create
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
---
# Source: ingress-nginx/templates/controller-rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
hel以上是关于KUBERNETES04_Service服务ClusterIPNodePort方式Ingress域名访问路径重写限流操作的主要内容,如果未能解决你的问题,请参考以下文章
#yyds干货盘点#kubernetes入门基础-Service的概念以及相关操作
kubernetes_13_普通Service和无头Service