• kubernetes创建两个不通namesapce的service,实现service之间访问

    一、创建两个service

    [root@master69 kubernetes]# kubectl create -f hl95-notary/hl95-notary-namespace.yaml
[root@master69 kubernetes]# kubectl create -f hl95-notary/hl95-notary-api-deployment.yaml
[root@master69 kubernetes]# kubectl create -f hl95-notary/hl95-notary-api-service.yaml  
    [root@master69 kubernetes]# kubectl create -f nginx-demo/nginx-demo-deployment.yaml 
[root@master69 kubernetes]# kubectl create -f nginx-demo/nginx-demo-service.yaml

    二、查看service

    [root@master69 hl95-notary]# kubectl get svc -n default -o wide
NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE     SELECTOR
kubernetes           ClusterIP   10.96.0.1        <none>        443/TCP        3d16h   <none>
nginx-demo-service   NodePort    10.100.213.139   <none>        81:30001/TCP   95m     app=nginx-k8s-demo
    [root@master69 hl95-notary]# kubectl get svc -n hl95-notary  -o wide       
NAME                      TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE   SELECTOR
hl95-notary-api-service   NodePort   10.104.120.54   <none>        8079:8079/TCP   59m   app=hl95-notary-api

    可以看到nginx-demo-service位于default命名空间,IP为10.100.213.139

    hl95-notary-api-service位于hl95-notary命名空间,ip为10.104.120.54

    三、进入nginx-demo-service后端的一个pod中

    [root@redis-01 kubernetes]# kubectl exec -it nginx-demo-deployment-59fbc48594-8gns5 /bin/bash

    通过服务名称:端口 来访问服务

    root@nginx-demo-deployment-59fbc48594-8gns5:/# curl nginx-demo-service:81
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
root@nginx-demo-deployment-59fbc48594-8gns5:/#

    访问成功,为什么通过服务名称就能直接访问接口呢?我们查看/etc/resolv.conf,这个域名解析文件

    root@nginx-demo-deployment-59fbc48594-8gns5:/# cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.master69.kubernetes.blockchain.hl95.com svc.master69.kubernetes.blockchain.hl95.com master69.kubernetes.blockchain.hl95.com hlqxt
options ndots:5

    nameserver:dns服务器地址,10.96.0.10正是kube-dns服务的地址

    [root@master69 hl95-notary]# kubectl get svc -n kube-system
NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   3d16h

    也就是说,pod内的域名访问是通过kube-dns服务来解析的

    search:字段,之所以能够通过Service名称和Namespace就能访问Service,就是因为search配置的规则。在解析域名时会自动拼接成完整域名去查询DNS。

    如果不带namespace,则默认为dedault

    我们直接在nginx的pod里访问另外一个service看看

    root@nginx-demo-deployment-59fbc48594-8gns5:/# ping hl95-notary-api-service
ping: unknown host

    发现未知的主机,报错,说明这个域名是不能解析的,是因为hl95-notary-api-service这个服务在另外一个namespace里,所以需要带上namespace才可以访问

    root@nginx-demo-deployment-59fbc48594-8gns5:/# ping hl95-notary-api-service.hl95-notary
PING hl95-notary-api-service.hl95-notary.svc.master69.kubernetes.blockchain.hl95.com (10.104.120.54): 56 data bytes
64 bytes from 10.104.120.54: icmp_seq=0 ttl=64 time=0.085 ms
64 bytes from 10.104.120.54: icmp_seq=1 ttl=64 time=0.097 ms
    root@nginx-demo-deployment-59fbc48594-8gns5:/# curl hl95-notary-api-service.hl95-notary:8079
{"timestamp":1610504965410,"status":404,"error":"Not Found","message":"No message available","path":"/"}root@nginx-demo-deployment-59fbc48594-8gns5:/#

    通过service.namesapce.port成功访问

    同样在hl95-notary-api-service后端的pod里也需要加上nginx-demo-service.default才可以访问nginx服务

    bash-5.0#  ping nginx-demo-service
ping: bad address 'nginx-demo-service'
bash-5.0#  ping nginx-demo-service.default
PING nginx-demo-service.default (10.100.213.139): 56 data bytes
64 bytes from 10.100.213.139: seq=0 ttl=64 time=0.093 ms
64 bytes from 10.100.213.139: seq=1 ttl=64 time=0.174 ms
    bash-5.0# curl nginx-demo-service.default:81
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
bash-5.0#

    如果服务之间是不通的namesapce空间下的,那么在服务之间相互访问,则必须使用service.namesapce来访问,不能直接使用service来访问了。
  • 相关阅读:
    MySQL-事务原理
    MySQL-索引原理
    SQL-查询前N条记录
    Shell-配置libpath环境变量
    PG-Vacuum
    python连接mysql数据库
    Spark SQL 基本操作
    spark-shell 交互式编程
    Scala统计学生成绩
    Scala模拟图形绘制
  • 原文地址:https://www.cnblogs.com/sky-cheng/p/14256063.html
Copyright © 2020-2023  润新知