This is the 11th day of my participation in Gwen Challenge
8 Service Configuration List
The Service provides a fixed access point for the POD cluster controlled by the POD controller. The Service also relies on an attachment in K8s, CoreDNS, which provides a domain name resolution for the Service address.
8.1 Service Working Mode
- Userspace: earlier than 1.1
- Iptables: versions earlier than 1.10
- Ipvs: later than 1.11
8.2 the Service type
| type | role |
|---|---|
| ClusterIP | The default is to assign a Service network address for intra-cluster communication only |
| NodePort | This type can be used if external cluster access is required |
| ExternalName | External services are imported to the cluster for easy use |
| LoadBalancer | K8S works in a cloud environment and invokes the cloud environment to create a load balancer |
8.3 Resource Records
SVC_NAME.NS_NAME.DOMAIN.LTD
For example: redis. Default. SVC. Cluster. The local.
8.4 the Service list
- Listing of
apiVersion <string> API version number, v1
kind <string> What type of resource does the tag create
metadata <Object> # POD metadata
spec <Object> # metadata
Copy the code8.5 service. Spec specification
- ClusterIP: Specifies the IP address of the Service network. The default IP address is dynamic allocation
- Type: indicates the service type. The value can be ExternalName, ClusterIP, NodePort, and LoadBalancer
8.6 ClusterIP Service
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: default
spec:
selector:
app: redis
role: logstor
type: ClusterIP
clusterIP: 10.96. 0100.
ports:
- port: 6379 # service port
targetPort: 6379 # pod listening port
protocol: TCP
Copy the code8.7 NodePort Service Description
NodePort is a ClusterIP NodePort that is exposed to the node network namespace, so that users can access the cluster from outside the cluster. Client -> NodeIP:NodePort -> ClusterIP:ServicePort -> PodIP:ContainerPort
NodePort enhances the function of ClusterIP, enabling clients to access any NodeIP outside each cluster to access ClusterIP, and then load balancing from ClusterIP to POD.
- List the sample
apiVersion: v1
kind: Service
metadata:
name: myapp
namespace: default
spec:
selector:
app: myapp
release: canary
type: NodePort
ports:
- port: 80 # service port
targetPort: 80 # pod listening port
nodePort: 30080 Service will add iptables/ IPVS rules on each node to redirect access to this port, so it is necessary to ensure that this port is not occupied on all nodes
protocol: TCP
Copy the codeOn the outside of the cluster can be used: http://172.16.100.102:30080 to access the service addressCopy the codeWithin the cluster can use the service domain name resolution to get the service address on coredns: dig - t A myapp. Default. SVC. Cluster. The local @ 10.96.0.10Copy the code8.8 loadBalancerIP type
The iptables/ IPVS rules for each host enable pod to be accessed from any node. Therefore, load balancers should be added to these nodeIP. If working in the public cloud, loadBalancerIP built in K8S can be used. Load balancers are services that operate public clouds to dynamically add and delete data.
LoadBalancerIP enhances the NodePort-type service to load balance each nodeIP outside the cluster.
8.9 Service Without Cluster Address
Headless service means that the service has no ClusterIP and does not map NodePort. Instead, the domain name of the service is resolved to nodeIP to access the POD on the nodeIP.
- List the sample
apiVersion: v1 kind: Service metadata: name: myapp-nohead namespace: default spec: selector: app: myapp-nohead release: Canary Type: ClusterIP ClusterIP: None Ports: -port: 80 # service Port targetPort: 80 # POD Listening portCopy the code- View the address of the CoreDNS server
kubectl get svc -n kube-system
Copy the code- In the cluster, CoreDNS addresses are used to resolve headless serive domain names, resulting in direct POD addresses in NodeIP. Multiple A records of DNS are used for load balancing
Dig - t A myapp - nohead. Default. SVC. Cluster. The local. @ 10.96.0.10Copy the code;; ANSWER SECTION: Myapp - nohead. Default. SVC. Cluster. The local. 5 IN A 10.244.1.75 myapp - nohead. Default. SVC. Cluster. The local. 5 IN A 10.244.2.74Copy the code8.10 externalName type
When a POD needs to access a service outside the cluster, externalName can map an external service inside the cluster to be accessed by a POD inside the cluster.
An external domain name address is mapped to an internal address resolved by coreDNS inside the cluster to provide internal cluster access.
other
Send your notes to: github.com/redhatxl/aw… Welcome one button three links