External access to the cluster

As both Pod and Service are virtual concepts within a Kubernetes cluster, clients outside the cluster cannot, by default, access them through the Pod IP address or the Service virtual IP address and virtual port number. Services within a Kubernetes cluster can generally be made accessible in the following ways.

1.1 External Access – Map pods to physical machines

To make these services accessible to external clients, the Pod or Service port number can be mapped to the host so that the client application can access the container application through the physical machine.

Example 1:

[root@k8smaster01 study]# vi pod-hostport.yaml

apiVersion: v1
kind: Pod
metadata:
  name: webapp
  labels:
    app: webapp
spec:
  containers:
  - name: webapp
    image: tomcat
    ports:
    - containerPort: 8080
      hostPort: 8081

[root@k8smaster01 study]# kubectl create -f pod-hostport.yaml

[root@k8smaster01 study]# kubectl get pods -l="app=webapp"

NAME     READY   STATUS    RESTARTS   AGE
webapp   1/1     Running   0          2m1

[root@k8smaster01 study]# curl 172.24.8.71:8081

Example 2:

[root@k8smaster01 study]# cat pod-hostnetwork.yaml

apiVersion: v1
kind: Pod
metadata:
  name: webapp2
  labels:
    app: webapp2
spec:
  hostNetwork: true
  containers:
  - name: webapp2
    image: tomcat
    ports:
    - containerPort: 8080
      hostPort: 8080

Tip: Setting hostNetwork=true at the Pod level maps the port numbers of all containers in this Pod directly to the physical machine. With hostNetwork=true, if hostPort is not specified in a container's ports definition, it defaults to containerPort; if hostPort is specified, it must equal containerPort.

[root@k8smaster01 study]# curl 172.24.8.73:8080

1.2 External Access – Map Services to physical machines

Example 1:

[root@k8smaster01 study]# vi webappsvc.yaml

apiVersion: v1
kind: Service
metadata:
  name: webapp
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 8080
    nodePort: 8081
  selector:
    app: webapp

Warning: To avoid conflicts between K8S and other programs, the default port range is 3000-32767. With the default range, the preceding YAML may therefore be rejected with the following error. You can change the allowed range as follows.

Provided port is not in the valid range. The range of valid ports is 3000-32767


[root@k8smaster01 ~]# vi /etc/systemd/system/kube-apiserver.service

Add the --service-node-port-range parameter to the ExecStart command:

ExecStart=/opt/k8s/bin/kube-apiserver \
......
  --service-node-port-range=1-65535 \
......

[root@k8smaster01 ~]# systemctl daemon-reload


[root@k8smaster01 ~]# systemctl restart kube-apiserver.service


[root@k8smaster01 study]# kubectl create -f webappsvc.yaml

[root@k8smaster01 study]# curl 172.24.8.71:8081
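The Pod in 1.1 Example 1 binds hostPort 8081 and the Service above also requests nodePort 8081, so two objects claim the same port on the node, a risk that grows once --service-node-port-range is widened to 1-65535. The following Python script is an added example, not part of the original article: it inventories every port that hostPort, hostNetwork and nodePort open on a node and flags such overlaps. The sample input is constructed from the page's manifests, and the function names are assumptions.

```python
import json
from collections import defaultdict

# Constructed sample: the page's webapp, webapp2 and NodePort Service, in the
# JSON shape returned by `kubectl get pods,services -o json`.
SAMPLE = json.loads("""
{"items": [
 {"kind": "Pod", "metadata": {"name": "webapp"}, "spec": {"containers": [
   {"name": "webapp", "ports": [{"containerPort": 8080, "hostPort": 8081}]}]}},
 {"kind": "Pod", "metadata": {"name": "webapp2"}, "spec": {"hostNetwork": true,
   "containers": [
   {"name": "webapp2", "ports": [{"containerPort": 8080, "hostPort": 8080}]}]}},
 {"kind": "Service", "metadata": {"name": "webapp"}, "spec": {"type": "NodePort",
   "ports": [{"port": 8080, "targetPort": 8080, "nodePort": 8081}]}}
]}
""")

def host_ports(items):
    """Map each port opened on a node to the objects that claim it."""
    claims = defaultdict(list)
    for obj in items:
        kind, name, spec = obj["kind"], obj["metadata"]["name"], obj["spec"]
        if kind == "Pod":
            on_host = spec.get("hostNetwork", False)
            how = "hostNetwork" if on_host else "hostPort"
            for container in spec.get("containers", []):
                for p in container.get("ports", []):
                    # With hostNetwork=true the container port is the host port.
                    port = p["containerPort"] if on_host else p.get("hostPort")
                    if port:
                        claims[port].append(f"Pod/{name} ({how})")
        elif kind == "Service":
            for p in spec.get("ports", []):
                if p.get("nodePort"):  # set for NodePort and LoadBalancer types
                    claims[p["nodePort"]].append(f"Service/{name} (nodePort)")
    return dict(claims)

def collisions(claims):
    """Ports claimed by both a Service nodePort and a Pod."""
    return sorted(port for port, who in claims.items()
                  if {w.split("/")[0] for w in who} == {"Pod", "Service"})

if __name__ == "__main__":
    claims = host_ports(SAMPLE["items"])
    for port in sorted(claims):
        mark = "  <-- collision" if port in collisions(claims) else ""
        print(port, "; ".join(claims[port]) + mark)
```

Against a live cluster, the same functions can be fed the `items` list from `kubectl get pods,services -A -o json`.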

Alternatively, set the Service type to LoadBalancer so that the Service is mapped to the load balancer address provided by the cloud service provider. This usage applies only when the services are set up on the cloud platform of a public cloud service provider.

Example 2: In the following manifest, status.loadBalancer.ingress.ip is set to 146.148.47.155, the IP address of the load balancer provided by the third party. Access requests to this Service are forwarded to the backend Pods through the load balancer. How the load is distributed depends on the implementation of the load balancer provided by the third party.

[root@k8smaster01 study]# vi myoutsvc.yaml

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: LoadBalancer
  selector:
    app: MyApp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 9376
    nodePort: 30061
  clusterIP: 10.0.171.239
status:
  loadBalancer:
    ingress:
    - ip: 47.96.145.131
