Kubernetes-network
https://www.katacoda.com/courses/kubernetes/networking-introduction
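Kubernetes Services are an abstraction that defines the policy and method for accessing a set of Pods. The set of Pods reached through a Service is determined by a label selector.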
Cluster IP
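When a Kubernetes Service is created, ClusterIP is the default method. The Service is allocated an internal IP that other components can use to reach the Pods.
With a single IP address, the Service can load balance across multiple Pods.
The Service is deployed with kubectl apply -f clusterip.yaml
The definition can be viewed with cat clusterip.yaml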
apiVersion: v1
kind: Service
metadata:
  name: webapp1-clusterip-svc
  labels:
    app: webapp1-clusterip
spec:
  ports:
  - port: 80
  selector:
    app: webapp1-clusterip
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webapp1-clusterip-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: webapp1-clusterip
    spec:
      containers:
      - name: webapp1-clusterip-pod
        image: katacoda/docker-http-server:latest
        ports:
        - containerPort: 80
---
This deploys a web application with two replicas, to demonstrate load balancing, together with a Service. The Pods can be viewed with kubectl get pods
NAME                                            READY   STATUS              RESTARTS   AGE
webapp1-clusterip-deployment-669c7c65c4-pq9lw   0/1     ContainerCreating   0          40s
webapp1-clusterip-deployment-669c7c65c4-smv5m   0/1     ContainerCreating   0          40s
It also deploys a Service, which can be viewed with kubectl get svc
NAME                    TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
kubernetes              ClusterIP   10.96.0.1      <none>        443/TCP   42m
webapp1-clusterip-svc   ClusterIP   10.102.70.19   <none>        80/TCP    2m6s
More detail on the Service configuration and its active endpoints (Pods) can be viewed with kubectl describe svc/webapp1-clusterip-svc
Name:              webapp1-clusterip-svc
Namespace:         default
Labels:            app=webapp1-clusterip
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"webapp1-clusterip"},"name":"webapp1-clusterip-svc","name...
Selector:          app=webapp1-clusterip
Type:              ClusterIP
IP:                10.102.70.19
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.32.0.5:80,10.32.0.6:80
Session Affinity:  None
Events:            <none>
Once deployed, the Service can be reached through the allocated ClusterIP.
export CLUSTER_IP=$(kubectl get services/webapp1-clusterip-svc -o go-template='{{(index .spec.clusterIP)}}')
echo CLUSTER_IP=$CLUSTER_IP
curl $CLUSTER_IP:80
Multiple requests demonstrate the Service load balancing across multiple Pods based on the common label selector.
curl $CLUSTER_IP:80
Target Ports
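Target ports let us separate the port on which the application is made available from the port on which the application is listening.
TargetPort is the port the application is configured to listen on. Port is how the application is accessed from outside.
As before, the Service and additional Pods are deployed with kubectl apply -f clusterip-target.yaml
The following commands create the Service.
cat clusterip-target.yaml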
apiVersion: v1
kind: Service
metadata:
  name: webapp1-clusterip-targetport-svc
  labels:
    app: webapp1-clusterip-targetport
spec:
  ports:
  - port: 8080
    targetPort: 80
  selector:
    app: webapp1-clusterip-targetport
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webapp1-clusterip-targetport-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: webapp1-clusterip-targetport
    spec:
      containers:
      - name: webapp1-clusterip-targetport-pod
        image: katacoda/docker-http-server:latest
        ports:
        - containerPort: 80
---
controlplane $ kubectl get svc
NAME                               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
kubernetes                         ClusterIP   10.96.0.1        <none>        443/TCP    47m
webapp1-clusterip-svc              ClusterIP   10.102.70.19     <none>        80/TCP     8m
webapp1-clusterip-targetport-svc   ClusterIP   10.102.212.110   <none>        8080/TCP   2m27s
controlplane $ kubectl describe svc/webapp1-clusterip-targetport-svc
Name:              webapp1-clusterip-targetport-svc
Namespace:         default
Labels:            app=webapp1-clusterip-targetport
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"webapp1-clusterip-targetport"},"name":"webapp1-clusterip...
Selector:          app=webapp1-clusterip-targetport
Type:              ClusterIP
IP:                10.102.212.110
Port:              <unset>  8080/TCP
TargetPort:        80/TCP
Endpoints:         10.32.0.7:80,10.32.0.8:80
Session Affinity:  None
Events:            <none>
After the Service and Pods are deployed, it can be accessed through the cluster IP as before, but this time on the defined port 8080.
controlplane $ export CLUSTER_IP=$(kubectl get services/webapp1-clusterip-targetport-svc -o go-template='{{(index .spec.clusterIP)}}')
controlplane $ echo CLUSTER_IP=$CLUSTER_IP
CLUSTER_IP=10.102.212.110
controlplane $ curl $CLUSTER_IP:8080
This request was processed by host: webapp1-clusterip-targetport-deployment-5599945ff4-ttv9c
controlplane $ curl $CLUSTER_IP:8080
This request was processed by host: webapp1-clusterip-targetport-deployment-5599945ff4-ttv9c
controlplane $
The application itself is still configured to listen on port 80. The Kubernetes Service manages the translation between the two.
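The label selector and the port/targetPort split described above, as an added example that is not part of the original notes or of Kubernetes itself: a small Python model of how a Service's Endpoints list is derived. The Pod records, the ready flag, the port name http and the Pod at 10.32.0.20 are constructed for illustration; it also covers a named targetPort, which the page does not use.

```python
# Constructed sample data. The first three Pod IPs and the labels follow the
# describe output on this page; "ready", the "http" port name and the Pod at
# 10.32.0.20 are assumptions made for this example.
PODS = [
    {"ip": "10.32.0.7", "ready": True, "labels": {"app": "webapp1-clusterip-targetport"}, "ports": {"http": 80}},
    {"ip": "10.32.0.8", "ready": True, "labels": {"app": "webapp1-clusterip-targetport"}, "ports": {"http": 80}},
    {"ip": "10.32.0.5", "ready": True, "labels": {"app": "webapp1-clusterip"}, "ports": {"http": 80}},
    {"ip": "10.32.0.20", "ready": False, "labels": {"app": "webapp1-clusterip-targetport"}, "ports": {"http": 80}},
]
SERVICE = {"spec": {"selector": {"app": "webapp1-clusterip-targetport"},
                    "ports": [{"port": 8080, "targetPort": 80}]}}


def selects(selector, labels):
    """True when every selector key/value is present in the Pod's labels.
    A Service without a selector gets no automatically managed endpoints."""
    return bool(selector) and all(labels.get(k) == v for k, v in selector.items())


def target_port(port_spec, pod):
    """targetPort defaults to port; a string targetPort names a container port."""
    target = port_spec.get("targetPort", port_spec["port"])
    return pod["ports"].get(target) if isinstance(target, str) else target


def resolve_endpoints(service, pods):
    """Return {service port: ["podIP:targetPort", ...]}, the Endpoints view of a Service."""
    spec = service["spec"]
    endpoints = {}
    for port_spec in spec["ports"]:
        backends = []
        for pod in pods:
            # Any Ready Pod carrying the selector labels becomes a backend, so
            # who is allowed to set those labels decides who receives traffic.
            if not (pod["ready"] and selects(spec.get("selector"), pod["labels"])):
                continue
            port = target_port(port_spec, pod)
            if port is not None:  # named targetPort the Pod does not declare
                backends.append(f'{pod["ip"]}:{port}')
        endpoints[port_spec["port"]] = sorted(backends)
    return endpoints


if __name__ == "__main__":
    print(resolve_endpoints(SERVICE, PODS))
```

A Pod that is not Ready is left out of the list, which is one reason the Endpoints field can be empty right after a Deployment is created.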
NodePort
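While TargetPort and ClusterIP make the Service available inside the cluster, NodePort exposes the Service on every Node's IP via a defined static port. Whichever Node in the cluster is accessed, the Service is reachable on the defined port number.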
kubectl apply -f nodeport.yaml
controlplane $ kubectl apply -f nodeport.yaml
service/webapp1-nodeport-svc created
deployment.extensions/webapp1-nodeport-deployment created
When viewing the Service definition, note the additional type and NodePort properties defined.
controlplane $ cat nodeport.yaml
apiVersion: v1
kind: Service
metadata:
  name: webapp1-nodeport-svc
  labels:
    app: webapp1-nodeport
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30080
  selector:
    app: webapp1-nodeport
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webapp1-nodeport-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: webapp1-nodeport
    spec:
      containers:
      - name: webapp1-nodeport-pod
        image: katacoda/docker-http-server:latest
        ports:
        - containerPort: 80
---
controlplane $ kubectl get svc
NAME                               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes                         ClusterIP   10.96.0.1        <none>        443/TCP        51m
webapp1-clusterip-svc              ClusterIP   10.102.70.19     <none>        80/TCP         11m
webapp1-clusterip-targetport-svc   ClusterIP   10.102.212.110   <none>        8080/TCP       5m47s
webapp1-nodeport-svc               NodePort    10.111.49.13     <none>        80:30080/TCP   43s
controlplane $ kubectl describe svc/webapp1-nodeport-svc
Name:                     webapp1-nodeport-svc
Namespace:                default
Labels:                   app=webapp1-nodeport
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"webapp1-nodeport"},"name":"webapp1-nodeport-svc","namesp...
Selector:                 app=webapp1-nodeport
Type:                     NodePort
IP:                       10.111.49.13
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30080/TCP
Endpoints:                10.32.0.10:80,10.32.0.9:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>
The Service can now be reached via the Node's IP address on the defined NodePort.
controlplane $ curl 172.17.0.63:30080
This request was processed by host: webapp1-nodeport-deployment-677bd89b96-vjm24
External IPs
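Another way to make a Service available outside the cluster is through external IP addresses.
Update the definition to the current cluster's IP address with the following command: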
controlplane $ sed -i 's/HOSTIP/172.17.0.63/g' externalip.yaml
controlplane $ cat externalip.yaml
apiVersion: v1
kind: Service
metadata:
  name: webapp1-externalip-svc
  labels:
    app: webapp1-externalip
spec:
  ports:
  - port: 80
  externalIPs:
  - 172.17.0.63
  selector:
    app: webapp1-externalip
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webapp1-externalip-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: webapp1-externalip
    spec:
      containers:
      - name: webapp1-externalip-pod
        image: katacoda/docker-http-server:latest
        ports:
        - containerPort: 80
---
controlplane $ kubectl apply -f externalip.yaml
service/webapp1-externalip-svc created
deployment.extensions/webapp1-externalip-deployment created
controlplane $ kubectl get svc
NAME                               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes                         ClusterIP   10.96.0.1        <none>        443/TCP        56m
webapp1-clusterip-svc              ClusterIP   10.102.70.19     <none>        80/TCP         16m
webapp1-clusterip-targetport-svc   ClusterIP   10.102.212.110   <none>        8080/TCP       10m
webapp1-externalip-svc             ClusterIP   10.101.191.29    172.17.0.63   80/TCP         7s
webapp1-nodeport-svc               NodePort    10.111.49.13     <none>        80:30080/TCP   5m50s
controlplane $ kubectl describe svc/webapp1-externalip-svc
Name:              webapp1-externalip-svc
Namespace:         default
Labels:            app=webapp1-externalip
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"webapp1-externalip"},"name":"webapp1-externalip-svc","na...
Selector:          app=webapp1-externalip
Type:              ClusterIP
IP:                10.101.191.29
External IPs:      172.17.0.63
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>
The Service is now bound to the IP address of the master node and port 80.
controlplane $ curl 172.17.0.63
This request was processed by host: webapp1-externalip-deployment-6446b488f8-5v2fj
Load Balancer
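When running in a cloud such as EC2 or Azure, a public IP address issued via the cloud provider can be configured and assigned. It is issued through a load balancer such as ELB. This allows additional public IP addresses to be allocated to the Kubernetes cluster without interacting directly with the cloud provider.
Although Katacoda is not a cloud provider, it is still possible to dynamically allocate IP addresses to Services of type LoadBalancer. This is done by deploying a cloud provider as follows: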
controlplane $ kubectl apply -f cloudprovider.yaml
daemonset.extensions/kube-keepalived-vip configured
configmap/vip-configmap configured
deployment.apps/keepalived-cloud-provider created
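Note: this is not required when running in a service provided by a cloud provider.
When a Service requests a load balancer, the provider allocates one from the 10.10.0.0/26 range defined in the configuration.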
controlplane $ kubectl get pods -n kube-system
NAME                                        READY   STATUS              RESTARTS   AGE
coredns-fb8b8dccf-fd6jl                     0/1     ContainerCreating   0          45s
coredns-fb8b8dccf-mnn9l                     0/1     ContainerCreating   0          45s
katacoda-cloud-provider-5787995f6c-rxrn5    0/1     ContainerCreating   0          45s
keepalived-cloud-provider-78fc4468b-s4kfk   0/1     ContainerCreating   0          45s
kube-keepalived-vip-548kd                   0/1     ContainerCreating   0          11s
kube-proxy-q7dng                            1/1     Running             0          45s
weave-net-s2hvv                             2/2     Running             0          45s
controlplane $ kubectl apply -f loadbalancer.yaml
service/webapp1-loadbalancer-svc created
deployment.extensions
The Service is configured through a load balancer, as follows:
controlplane $ cat loadbalancer.yaml
apiVersion: v1
kind: Service
metadata:
  name: webapp1-loadbalancer-svc
  labels:
    app: webapp1-loadbalancer
spec:
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: webapp1-loadbalancer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webapp1-loadbalancer-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: webapp1-loadbalancer
    spec:
      containers:
      - name: webapp1-loadbalancer-pod
        image: katacoda/docker-http-server:latest
        ports:
        - containerPort: 80
---
While the IP address is being defined, the Service shows Pending. Once allocated, it appears in the service list.
controlplane $ kubectl get svc
NAME                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes                 ClusterIP      10.96.0.1       <none>        443/TCP        2m47s
webapp1-loadbalancer-svc   LoadBalancer   10.106.110.15   10.10.0.1     80:31226/TCP   103s
controlplane $ kubectl describe svc/webapp1-loadbalancer-svc
Name:                     webapp1-loadbalancer-svc
Namespace:                default
Labels:                   app=webapp1-loadbalancer
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"webapp1-loadbalancer"},"name":"webapp1-loadbalancer-svc"...
Selector:                 app=webapp1-loadbalancer
Type:                     LoadBalancer
IP:                       10.106.110.15
LoadBalancer Ingress:     10.10.0.1
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31226/TCP
Endpoints:                10.32.0.6:80,10.32.0.7:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:
  Type    Reason                Age   From                Message
  ----    ------                ----  ----                -------
  Normal  CreatingLoadBalancer  103s  service-controller  Creating load balancer
  Normal  CreatedLoadBalanc
The Service can now be reached via the allocated IP address, in this case from the 10.10.0.0/26 range.
controlplane $ echo LoadBalancerIP=$LoadBalancerIP
LoadBalancerIP=10.10.0.1
controlplane $ curl $LoadBalancerIP
This request was processed by host: webapp1-loadbalancer-deployment-f45b8d9cd-lgs2r
controlplane $ curl $LoadBalancerIP
This request was processed
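The NodePort, External IPs and Load Balancer sections each open a path into the cluster from outside. As an added example (not part of the original notes), the Python below inventories those paths from the JSON that kubectl get svc -o json returns. The sample document is constructed from the four Services on this page and trimmed to the fields used; the function names are hypothetical.

```python
import json

# Constructed sample modelled on the Services this page creates
# (shape of `kubectl get svc -o json`, trimmed to the fields used).
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "webapp1-clusterip-svc", "namespace": "default"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 80}]}},
 {"metadata": {"name": "webapp1-nodeport-svc", "namespace": "default"},
  "spec": {"type": "NodePort", "ports": [{"port": 80, "nodePort": 30080}]}},
 {"metadata": {"name": "webapp1-externalip-svc", "namespace": "default"},
  "spec": {"type": "ClusterIP", "externalIPs": ["172.17.0.63"],
           "ports": [{"port": 80}]}},
 {"metadata": {"name": "webapp1-loadbalancer-svc", "namespace": "default"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 80, "nodePort": 31226}]},
  "status": {"loadBalancer": {"ingress": [{"ip": "10.10.0.1"}]}}}
]}
""")


def exposure(svc):
    """List (kind, address, port) tuples on which a Service listens beyond its ClusterIP."""
    spec = svc.get("spec", {})
    ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress", [])
    found = []
    for p in spec.get("ports", []):
        # NodePort and LoadBalancer Services open the nodePort on every node.
        if spec.get("type") in ("NodePort", "LoadBalancer") and "nodePort" in p:
            found.append(("nodePort", "<every node>", p["nodePort"]))
        # externalIPs expose the service port on the listed addresses, whatever the type.
        for ip in spec.get("externalIPs", []):
            found.append(("externalIP", ip, p["port"]))
        for ing in ingress:
            found.append(("loadBalancer", ing.get("ip") or ing.get("hostname"), p["port"]))
    return found


def audit(service_list):
    """Map namespace/name to its exposure list, omitting ClusterIP-only Services."""
    report = {}
    for svc in service_list["items"]:
        hits = exposure(svc)
        if hits:
            meta = svc["metadata"]
            report[f'{meta["namespace"]}/{meta["name"]}'] = hits
    return report


if __name__ == "__main__":
    for name, hits in audit(SAMPLE).items():
        for kind, addr, port in hits:
            print(f"{name}: {kind} {addr}:{port}")
```

audit() accepts the parsed output of kubectl get svc --all-namespaces -o json from a live cluster; note that the LoadBalancer Service is listed twice, once for its allocated IP and once for the NodePort it also opens.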