1：service詳解

1、每次訪問pod的時(shí)候，ip地址都不是固定的

2、service有一個(gè)虛擬ip和端口，可以使用這個(gè)來進(jìn)行訪問

3、kube-proxy，api server將service的信息存入到etcd中，kube-proxy將其轉(zhuǎn)換為一個(gè)訪問規(guī)則，這個(gè)就是本質(zhì)

4、表象，就是標(biāo)簽，本質(zhì)就是規(guī)則，通過標(biāo)簽，來進(jìn)行要管理哪些pod，

5、訪問pod里面的容器的時(shí)候，是根據(jù)輪詢的狀態(tài)，可以設(shè)置session親和性來進(jìn)行設(shè)置，將多個(gè)請(qǐng)求轉(zhuǎn)發(fā)到一個(gè)pod里面的容器上

環(huán)境準(zhǔn)備

apiVersion: apps/v1
kind: Deployment
metadata:
   name: pc-deployment
   namespace: dev
spec:
   replicas: 3
   selector:
       matchLabels:
          app: nginx-pod
   template:
       metadata:
         labels:
           app: nginx-pod
       spec:
          containers:
          - name: nginx
            image: nginx:1.17.1
            ports:
            - containerPort: 80
#將網(wǎng)頁內(nèi)容進(jìn)行更改
root@pc-deployment-5cb65f68db-fxlpt:/usr/share/nginx/html# ls
50x.html  index.html
root@pc-deployment-5cb65f68db-fxlpt:/usr/share/nginx/html# echo 10.244.2.48 > index.html 

1、ClusterIP

集群內(nèi)部進(jìn)行訪問pod，虛擬端口和虛擬ip

[root@master service]# cat clusterip.yaml 
apiVersion: v1
kind: Service
metadata:
   name: svc1
   namespace: dev
spec:
  selector:
    app: nginx-pod
  clusterIP: 10.96.0.100  #不寫的話默認(rèn)生成一個(gè)ip，可以為None，只能通過域名來進(jìn)行訪問
  type: ClusterIP 
  ports:
    - port: 8080  #svc的端口
      targetPort: 80

[root@master service]# kubectl describe svc -n dev svc1 
Name:              svc1
Namespace:         dev
Labels:            <none>
Annotations:       <none>
Selector:          app=nginx-pod
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.0.100
IPs:               10.96.0.100
Port:              <unset>  8080/TCP
TargetPort:        80/TCP
Endpoints:         10.244.1.67:80,10.244.1.68:80,10.244.2.48:80  #這個(gè)便是建立的聯(lián)系
Session Affinity:  None
Events:            <none>

#查看ipvsadm的信息
CP  10.96.0.100:8080 rr
  -> 10.244.1.67:80               Masq    1      0          0         
  -> 10.244.1.68:80               Masq    1      0          0         
  -> 10.244.2.48:80               Masq    1      0          0   

2、headliness

clusterip 默認(rèn)是隨機(jī)的負(fù)載均衡分發(fā)策略，這個(gè)類型的不會(huì)分發(fā)clusterip，只能通過域名來進(jìn)行控制訪問

3、NodePort

就是將svc的port映射到node節(jié)點(diǎn)上面，通過nodeip+端口來實(shí)現(xiàn)訪問，占用了主機(jī)的一個(gè)端口

apiVersion: v1
kind: Service
metadata:
  name: svc2
  namespace: dev
spec:
  selector:
     app: nginx-pod
  type: NodePort
  ports:
  - port: 80
    targetPort: 80
    nodePort: 30002

#查看svc信息
[root@master service]# kubectl get svc -n dev
NAME    TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
nginx   NodePort    10.96.20.47     <none>        80:30528/TCP   89m
svc1    ClusterIP   10.96.0.100     <none>        8080/TCP       34m
svc2    NodePort    10.96.139.188   <none>        80:30002/TCP   2m4s

#訪問服務(wù)
[root@master service]# curl 10.104.43.43:30002
10.244.1.67
[root@master service]# curl 10.104.43.43:30002
10.244.2.48

4、LoadBalancer

5、ExternalName

6、Ingress

1、因?yàn)閚odeport會(huì)占用主機(jī)上面的一個(gè)端口，因此的話很多服務(wù)的話，1就浪費(fèi)了大量的端口

2、使用ingress服務(wù)
就是通過域名來進(jìn)行轉(zhuǎn)發(fā)到對(duì)應(yīng)的service上面，實(shí)現(xiàn)訪問

環(huán)境準(zhǔn)備
#下載ingress軟件
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.2/deploy/static/provider/cloud/deploy.yaml

#更換第一個(gè)源的地址
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.1.0
#后面2哥源的地址
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1


#查看ingress
[root@master service]# kubectl get pod -n ingress-nginx 
NAME                                        READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-q984g        0/1     Completed   0          49m
ingress-nginx-admission-patch-twmqm         0/1     Completed   1          49m
ingress-nginx-controller-6f4d47c657-bv8qx   1/1     Running     0          49m
[root@master service]# kubectl get svc -n ingress-nginx 
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.96.70.212    <none>        80:30906/TCP,443:30339/TCP   49m
ingress-nginx-controller-admission   ClusterIP   10.107.42.140   <none>        443/TCP                      49m

#安裝6個(gè)pod，2個(gè)服務(wù)
[root@master service]# cat exampl.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
   name: pc-deployment
   namespace: dev
spec:
   replicas: 3
   selector:
       matchLabels:
          app: nginx-pod
   template:
       metadata:
         labels:
           app: nginx-pod
       spec:
          containers:
          - name: nginx
            image: nginx:1.17.1
            ports:
            - containerPort: 80

---
apiVersion: apps/v1
kind: Deployment
metadata:
   name: tomcat-deployment
   namespace: dev
spec:
   replicas: 3
   selector:
      matchLabels:
       app: t1 
   template:
      metadata:
         labels:
           app: t1
      spec:
        containers:
        - name: tomcat
          image: tomcat:8.5-jre10-slim
          ports:
          - containerPort: 8080

---
apiVersion: v1
kind: Service
metadata:
   name: nginx-service
   namespace: dev
spec:
   selector:
     app: nginx-pod
   clusterIP: None
   type: ClusterIP
   ports:
   - port: 80
     targetPort: 80

---
apiVersion: v1
kind: Service
metadata:
   name: tomcat-service
   namespace: dev
spec:
   selector:
     app: t1 
   type: ClusterIP
   clusterIP: None
   ports:
   - port: 8080
     targetPort: 8080

[root@master service]# cat i.yaml 
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-http
  namespace: dev
  annotations:
     nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx  #這個(gè)ingress由nginx來進(jìn)行處理
  rules:  #定義一組的規(guī)則
  - host: nginx.com
    http:
      paths:
      - pathType: Prefix   #表示路徑匹配是基于前綴的
        path: /app  #表示匹配所有以/開頭的路徑
        backend:  #指定了請(qǐng)求轉(zhuǎn)發(fā)到后端服務(wù)
          service:
            name: nginx-service
            port:
              number: 80   #后端服務(wù)監(jiān)聽的端口
  - host: tomcat.com
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: tomcat-service
            port:
              number: 8080

#域名解析
[root@master service]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.104.43.43 master
10.104.43.93 node1
10.104.43.126 node2
10.104.43.43 nginx.com
10.104.43.43 tomcat.com

#進(jìn)行訪問
[root@master service]# kubectl get svc -n ingress-nginx 
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.96.70.212    <none>        80:30906/TCP,443:30339/TCP   51m
ingress-nginx-controller-admission   ClusterIP   10.107.42.140   <none>        443/TCP                      51m
[root@master service]# curl nginx.com:30906/app
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a >nginx.org</a>.<br/>
Commercial support is available at
<a >nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

[root@master service]# curl tomcat.com:30906



<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8" />
        <title>Apache Tomcat/8.5.35</title>
        <link href="favicon.ico" rel="icon" type="image/x-icon" />
        <link href="favicon.ico" rel="shortcut icon" type="image/x-icon" />
        <link href="tomcat.css" rel="stylesheet" type="text/css" />
    </head>