
Enterprise Project Practice, k8s Series (5): Service

程序员文章站 2022-03-12 11:49:55

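1. Service overview

A Service can be seen as the external access interface for a group of Pods that provide the same service. With a Service, an application can easily implement service discovery and load balancing.

By default a service only provides layer-4 load balancing and has no layer-7 capability. (Layer 7 can be implemented with Ingress.)

Service types:

  • ClusterIP: the default. A virtual IP that k8s automatically assigns to the service; it is reachable only from inside the cluster.
  • NodePort: exposes the Service to the outside through a port on the specified Node; a request to any NodeIP:nodePort is routed to the ClusterIP.
  • LoadBalancer: builds on NodePort by using the cloud provider to create an external load balancer that forwards requests to <NodeIP>:NodePort. This mode can only be used on cloud servers.
  • ExternalName: forwards the service to a specified domain name through a DNS CNAME record (set with spec.externalName).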

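2. IPVS mode

  • A Service is implemented jointly by the kube-proxy component and iptables.
  • When kube-proxy handles Services through iptables, it has to set a large number of iptables rules on the host. If the host runs a large number of Pods, the constant refreshing of iptables rules consumes a lot of CPU.
  • A Service in IPVS mode lets a K8s cluster support a larger order of magnitude of Pods.

Enabling kube-proxy's IPVS mode

Install ipvs, then change the kube-proxy mode to ipvs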

[[email protected] ~]# kubectl  -n kube-system  get cm
NAME                                 DATA   AGE
coredns                              1      2d23h
extension-apiserver-authentication   6      2d23h
kube-flannel-cfg                     2      2d22h
kube-proxy                           2      2d23h
kube-root-ca.crt                     1      2d23h
kubeadm-config                       2      2d23h
kubelet-config-1.21                  1      2d23h
[[email protected] ~]# kubectl edit cm kube-proxy -n kube-system
configmap/kube-proxy edited
[[email protected] ~]# lsmod  | grep ip_vs
ip_vs_sh               12688  0 
ip_vs_wrr              12697  0 
ip_vs_rr               12600  0 
ip_vs                 145497  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack          133095  10 ip_vs,nf_nat,nf_nat_ipv4,nf_nat_ipv6,xt_conntrack,nf_nat_masquerade_ipv4,nf_nat_masquerade_ipv6,nf_conntrack_netlink,nf_conntrack_ipv4,nf_conntrack_ipv6
libcrc32c              12644  4 xfs,ip_vs,nf_nat,nf_conntrack
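
The session above does not show what was changed in the ConfigMap; in a KubeProxyConfiguration the field is `mode`. kube-proxy falls back to iptables when the IPVS kernel modules are not available, so both conditions are worth checking together. The following is an added example, not part of the original post: the sample config text is constructed, the lsmod sample is trimmed from the output above, and the function names and the module list (the modules visible in that lsmod output) are assumptions.

```shell
#!/bin/sh
# Added example: audit the two preconditions for kube-proxy IPVS mode.
# Both checks take plain text, so they also work on saved command output.

# Constructed sample: relevant part of config.conf from the kube-proxy ConfigMap
SAMPLE_CONF='apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
ipvs:
  scheduler: ""
mode: "ipvs"'

# Sample lsmod output, trimmed from the session on this page
SAMPLE_LSMOD='ip_vs_sh               12688  0
ip_vs_wrr              12697  0
ip_vs_rr               12600  0
ip_vs                 145497  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack          133095  10 ip_vs,nf_nat'

# Print the top-level "mode:" value of the config text in $1 (empty if unset).
proxy_mode() {
    printf '%s\n' "$1" | sed -n 's/^mode:[[:space:]]*//p' | head -n 1 | tr -d "\"' "
}

# Print each expected module that is absent from the lsmod text in $1.
missing_modules() {
    for m in ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack; do
        printf '%s\n' "$1" | awk -v m="$m" '$1 == m { found = 1 } END { exit !found }' \
            || printf '%s\n' "$m"
    done
}

# Return 0 only if mode is ipvs and no module is missing; print findings otherwise.
ipvs_ready() {
    rc=0
    mode=$(proxy_mode "$1")
    if [ "$mode" != "ipvs" ]; then
        echo "mode is '${mode:-unset}', not ipvs"; rc=1
    fi
    miss=$(missing_modules "$2")
    if [ -n "$miss" ]; then
        echo "missing kernel modules:" $miss; rc=1
    fi
    return $rc
}

# On a live node, pass the real text instead of the samples:
#   ipvs_ready "$(kubectl -n kube-system get cm kube-proxy -o jsonpath='{.data.config\.conf}')" "$(lsmod)"
ipvs_ready "$SAMPLE_CONF" "$SAMPLE_LSMOD" && echo "ipvs prerequisites satisfied"
```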

Update the kube-proxy pods (delete them so they are recreated with the new configuration)

[[email protected] ~]# kubectl get pod -n kube-system |grep kube-proxy |awk '{system("kubectl delete pod "$1" -n kube-system")}'
pod "kube-proxy-p78dh" deleted
pod "kube-proxy-rpqxv" deleted
pod "kube-proxy-tgvkq" deleted

Apply the manifests to create the svc; the access IP it is assigned is 10.96.97.61

[[email protected] ~]# kubectl  apply  -f deployment.yml 
deployment.apps/nginx-deployment configured
[[email protected] ~]# vim deployment.yml 
[[email protected] ~]# kubectl  get pod
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-6456d7c676-7zhl5   1/1     Running   0          32s
nginx-deployment-6456d7c676-ldq7x   1/1     Running   0          33s
nginx-deployment-6456d7c676-rlhkv   1/1     Running   0          35s
[[email protected] ~]# kubectl  apply  -f svc.yml 
service/mysvc created
[[email protected] ~]# kubectl  describe  svc mysvc 
Name:              mysvc
Namespace:         default
Labels:            <none>
Annotations:       <none>
Selector:          app=nginx
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.97.61
IPs:               10.96.97.61
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.1.28:80,10.244.1.29:80,10.244.2.35:80
Session Affinity:  None
Events:            <none>

In IPVS mode, after a Service is created, kube-proxy adds a virtual network interface on the host, kube-ipvs0, and assigns the Service IP to it.

9: kube-ipvs0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default 
    link/ether 2a:78:08:d8:21:10 brd ff:ff:ff:ff:ff:ff
 
    inet 10.96.97.61/32 scope global kube-ipvs0
       valid_lft forever preferred_lft forever

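kube-proxy uses the Linux IPVS module to schedule requests across the Service's Pods in rr (round-robin) fashion and forward them, which reduces the performance overhead.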

[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# curl 10.96.97.61
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[[email protected] ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn   
TCP  10.96.97.61:80 rr
  -> 10.244.1.28:80               Masq    1      0          3         
  -> 10.244.1.29:80               Masq    1      0          4         
  -> 10.244.2.35:80               Masq    1      0          4
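
The ipvsadm table and the Endpoints line from kubectl describe should list the same backends; a real server that is in IPVS but not in Endpoints still receives traffic for the Service. The following is an added example, not part of the original post, that compares the two. The sample data is copied from the output on this page, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: compare the real servers IPVS holds for a Service VIP with the
# Endpoints Kubernetes reports for it. Sample data is copied from this page.

SAMPLE_IPVS='IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.97.61:80 rr
  -> 10.244.1.28:80               Masq    1      0          3
  -> 10.244.1.29:80               Masq    1      0          4
  -> 10.244.2.35:80               Masq    1      0          4'
SAMPLE_ENDPOINTS='10.244.1.28:80,10.244.1.29:80,10.244.2.35:80'

# Print the real servers under virtual service $2 (ip:port) in "ipvsadm -ln" text $1.
ipvs_backends() {
    printf '%s\n' "$1" | awk -v vip="$2" '
        $1 == "TCP" || $1 == "UDP" || $1 == "SCTP" { in_svc = ($2 == vip); next }
        in_svc && $1 == "->" && $2 != "RemoteAddress:Port" { print $2 }' | sort
}

# Print the scheduler (rr, wrr, sh, ...) configured for virtual service $2.
ipvs_scheduler() {
    printf '%s\n' "$1" | awk -v vip="$2" '$2 == vip && $1 != "->" { print $3; exit }'
}

# $3 is the comma-separated Endpoints value shown by "kubectl describe svc".
# Prints "stale X" for a backend only in IPVS and "missing X" for an endpoint
# absent from IPVS. No output and exit status 0 means the two agree.
ipvs_drift() {
    want=$(printf '%s\n' "$3" | tr ',' '\n' | sed '/^$/d' | sort)
    have=$(ipvs_backends "$1" "$2")
    out=$(
        for b in $have; do
            printf '%s\n' "$want" | grep -qxF -e "$b" || echo "stale $b"
        done
        for e in $want; do
            printf '%s\n' "$have" | grep -qxF -e "$e" || echo "missing $e"
        done
    )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# On a node, pass "$(ipvsadm -ln)" as the first argument instead of the sample.
ipvs_drift "$SAMPLE_IPVS" 10.96.97.61:80 "$SAMPLE_ENDPOINTS" \
    && echo "IPVS table matches Service endpoints"
```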