在之前的一些章节中,有hostNetwork和hostport,以及Nodeport三种服务暴露方式,nodeport跳过了service的cluster IP直接暴露出去,范围从30000-32767,不设置则动态分配,参考service第一章和hostNetwork
创建pod资源
在创建nodeport之前,先创建一个现有pod作为测试。pod的yaml文件如下:
[root@linuxea linuxea]# cat nginx.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-linuxea
namespace: default
spec:
selector:
matchLabels:
app: nginx
release: www
template:
metadata:
labels:
app: nginx
release: www
spec:
# hostNetwork: true
containers:
- name: linuxea
image: "marksugar/nginx:1.14.a"
ports:
- name: http
containerPort: 80
# hostPort: 80创建的pod节点
[root@linuxea linuxea]# kubectl get pods -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE LABELS
nginx-linuxea-2qkmf 1/1 Running 0 29s 172.16.2.44 linuxea.node-2.com <none> app=nginx,controller-revision-hash=3080738842,pod-template-generation=1,release=www
nginx-linuxea-8hvk6 1/1 Running 0 29s 172.16.3.46 linuxea.node-3.com <none> app=nginx,controller-revision-hash=3080738842,pod-template-generation=1,release=www
nginx-linuxea-dk5hg 1/1 Running 0 29s 172.16.1.42 linuxea.node-1.com <none> app=nginx,controller-revision-hash=3080738842,pod-template-generation=1,release=www
redis-66ccc9b5df-8hmp5 1/1 Running 0 3h 172.16.1.41 linuxea.node-1.com <none> app=redis,pod-template-hash=2277756189,role=Logstorage创建service nodeport
将上述的现有的pod加入到service中,标签需要和pod中的标签一样
selector:
app: nginx
release: wwwnodePort不指定也會被默認分配service的80端口被映射为31180端口,如下:
- port: 80 # service 端口
targetPort: 80 # pod中的端口
nodePort: 31180 # node中的端口(此端口在node上唯一),范围从30000-32767,不设置则动态分配- 最终service yaml文件如下
apiVersion: v1
kind: Service
metadata:
name: linuxea
namespace: default
spec:
selector:
app: nginx
release: www
clusterIP: 10.96.66.66
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 31180apply
[root@linuxea linuxea]# kubectl apply -f linuxea.yaml
service/linuxea created
[root@linuxea linuxea]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 18d
linuxea NodePort 10.96.66.66 <none> 80:31180/TCP 3s而后在集群外部进行访问任意一个node节点ip:31180端口都可以
[root@DS-VM-Node_10_10_240_143 ~]$ while true;do curl 10.10.240.161:31180/linuxea.html; sleep 1; done
linuxea-nginx-linuxea-8hvk6.com ▍ 33b9df88388ed ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-8hvk6.com ▍ 33b9df88388ed ▍version number 1.0
linuxea-nginx-linuxea-8hvk6.com ▍ 33b9df88388ed ▍version number 1.0
linuxea-nginx-linuxea-8hvk6.com ▍ 33b9df88388ed ▍version number 1.0
linuxea-nginx-linuxea-2qkmf.com ▍ d5535d8023a09 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-2qkmf.com ▍ d5535d8023a09 ▍version number 1.0
linuxea-nginx-linuxea-8hvk6.com ▍ 33b9df88388ed ▍version number 1.0
linuxea-nginx-linuxea-2qkmf.com ▍ d5535d8023a09 ▍version number 1.0
linuxea-nginx-linuxea-2qkmf.com ▍ d5535d8023a09 ▍version number 1.0sessionAffinity
此刻可使用负载均衡进行调度到每台node上的31180端口,或许需要配置sessionAffinity来完成回话黏贴性,如下:
其中从nodeport 31180(节点IP:PORT)转换到service port 80(其中将会内部解析调度到cluster_ip上),在从service port 80转换到pod port 80,会经过三次转换。从nodeport转换到service port,在从service port转换到pod port可见service中的nodeport的效果便如此打补丁进行测试
[root@linuxea linuxea]# kubectl patch svc linuxea -p '{"spec":{"sessionAffinity":"ClientIP"}}'
service/linuxea patched验证Session Affinity: ClientIP
[root@linuxea linuxea]# kubectl describe svc linuxea
Name: linuxea
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"linuxea","namespace":"default"},"spec":{"clusterIP":"10.96.66.66","ports":[{"n...
Selector: app=nginx,release=www
Type: NodePort
IP: 10.96.66.66
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 31180/TCP
Endpoints: 172.16.1.42:80,172.16.2.44:80,172.16.3.46:80
Session Affinity: ClientIP
External Traffic Policy: Cluster
Events: <none>在访问时,来自同一个ip的客户端请求始终发往同一个后端pod
[root@DS-VM-Node100 ~]# while true;do curl 10.10.240.203:31180/linuxea.html; sleep 1; done
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
linuxea-nginx-linuxea-dk5hg.com ▍ 665b7a9dc2d42 ▍version number 1.0
