#创建一个web [root@master ~]# kubectl create deployment nginx --image=nginx deployment.apps/nginx created [root@master ~]# #把web应用暴露出去 [root@master ~]# kubectl expose deployment nginx --port=80 --type=NodePort service/nginx exposed [root@master ~]# #外部客户通过server来访问web的应用,这就是service存在的意义 [root@master ~]# kubectl get pod,svc NAME READY STATUS RESTARTS AGE pod/nginx-f89759699-52lfr 0/1 ContainerCreating 0 36s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/nginx NodePort 10.102.12.94 <none> 80:30002/TCP 8s [root@master ~]#
[root@master ~]# cat java-demo2.yaml apiVersion: apps/v1 kind: Deployment metadata: name: java-demo2 spec: replicas: 2 #当deployment中有多个容器时,外部客户端要访问deployment的应用 selector: #就需要通过service,这时的service就相当于一个loadblance matchLabels: app: java-demo project: blog template: metadata: labels: app: java-demo project: blog spec: containers: - image: lizhenliang/java-demo imagePullPolicy: Always name: web ports: - containerPort: 80 [root@master ~]#
[root@master ~]# cat deployment4.yaml apiVersion: apps/v1 kind: Deployment metadata: name: java-demo2 #deployment的名称是java-demo2 spec: replicas: 3 selector: matchLabels: project: blog app: java-demo #deployment中的project/app的值要与pod中一样 template: #否则无法匹配到该Pod metadata: labels: project: blog app: java-demo spec: containers: - name: web image: lizhenliang/java-demo ports: - containerPort: 80 [root@master ~]# [root@master ~]# cat service4.yaml apiVersion: v1 #service的版本 kind: Service #资源的类型 metadata: name: java-demo2 #一般与deploy名称一样 spec: selector: #通过标签选择器来匹配deploy中的pod,名为java-demo2的service对应 project: blog #的pod就是名为java-demo2中的depmloyemnt中的三个pod,这三个pod的 app: java-demo #地址为 10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080 ports: - protocol: TCP port: 80 targetPort: 8080 type: NodePort [root@master ~]# [root@master ~]# kubectl get svc java-demo2 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE java-demo2 NodePort 10.104.171.129 <none> 80:30997/TCP 34s [root@master ~]# [root@master ~]# #查看java-demo2这个service关联的后端应用,后面的地址分别为 [root@master ~]# #10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080 [root@master ~]# #service与endpoints是一一对应的,service创建时endpoints会自动生成 [root@master ~]# kubectl get endpoints java-demo2 NAME ENDPOINTS AGE java-demo2 10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080 3m7s [root@master ~]#
手工手成一个service文件 #生成service之前需要有一个deploy的资源 #为名为java-demo2的deploy暴露服务 --port=80 cluserIP的端口为80 # --target-port=80 Pod内的端口为80,在为deploy暴露服务的同时导出yaml文件 [root@master ~]# kubectl apply -f java-demo2.yaml deployment.apps/java-demo2 created [root@master ~]# kubectl expose deploy java-demo2 --port=80 --target-port=80 --dry-run=client -o yaml > service5.yaml [root@master ~]# vim service5.yaml #编辑yaml文件,删除系统的状态信息 apiVersion: v1 kind: Service metadata: name: java-demo2 spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: java-demo project: blog [root@master ~]# 清空pod为后续实验提供简洁的环境 [root@master ~]# kubectl delete deploy java-demo2 deployment.apps "java-demo2" deleted #生成一个deploy文件,并使用deployment部署pod [root@master ~]# kubectl create deployment web --image=nginx --dry-run=client -o yaml > web5.yaml [root@master ~]# vim web5.yaml #编辑yaml文件 apiVersion: apps/v1 kind: Deployment metadata: labels: app: web name: web spec: replicas: 2 selector: matchLabels: app: web template: metadata: labels: app: web spec: containers: - image: nginx name: nginx [root@master ~]# [root@master ~]# kubectl apply -f web5.yaml deployment.apps/web created [root@master ~]# kubectl get pods #确认pod的副本为2 NAME READY STATUS RESTARTS AGE web-5dcb957ccc-6pjvf 1/1 Running 0 70s web-5dcb957ccc-hwcvt 1/1 Running 0 70s [root@master ~]# #为web5.yaml中的pod创建service,同时再次编辑service5.yaml文件 [root@master ~]# vim service5.yaml apiVersion: v1 kind: Service metadata: name: web #service的名称通常与deploy名字一致,方便识别 spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: web #这里标签匹配的是web,与web5.yaml中pod的标签一致,所以写这个server之前 #要确认deploy中pod的标签是什么,查看方法下面有介绍 [root@master ~]# #可以查看deployment的web5.yaml文件中的15行,即deply的标签 #也可以用指令查看pod的标签 [root@master ~]# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS web-5dcb957ccc-6pjvf 1/1 Running 0 14m app=web,pod-template-hash=5dcb957ccc web-5dcb957ccc-hwcvt 1/1 Running 0 14m app=web,pod-template-hash=5dcb957ccc [root@master ~]# [root@master ~]# kubectl apply -f service5.yaml service/web created [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE web-5dcb957ccc-6pjvf 1/1 Running 0 18m web-5dcb957ccc-hwcvt 1/1 Running 0 18m [root@master ~]# #查看server的clusterIP [root@master ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE web ClusterIP 10.110.196.161 <none> 80/TCP 40s [root@master ~]# #查看web的后端IP地址,即web服务器集群的真实IP地址: #10.244.2.238:80,10.244.2.239:80,这两个地址也正是 #VIP 10.110.196.161的后端IP地址 [root@master ~]# kubectl get endpoints web NAME ENDPOINTS AGE web 10.244.2.238:80,10.244.2.239:80 12m [root@master ~]# [root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE web-5dcb957ccc-6pjvf 1/1 Running 0 31m 10.244.2.239 node2 web-5dcb957ccc-hwcvt 1/1 Running 0 31m 10.244.2.238 node2 [root@master ~]# #注意:这里的CLUSTER-IP 10.110.196.161是供集群内部使用的一个VIP,这个 #地址没有绑定在具体的设备上,所以是ping不通的。但在集群内部可以通过 # http://10.110.196.161来访问web [root@node1 ~]# curl 10.110.196.161 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> #在master节点访问会很慢,是kubeadmi集群自身的原因 [root@master ~]# curl 10.110.196.161 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style>
#把service的类型修改为NodePort [root@master ~]# vim service5.yaml apiVersion: v1 kind: Service metadata: name: web spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: web type: NodePort #如果没有这一行默认是Cluster-IP [root@master ~]# kubectl apply -f service5.yaml service/web configured [root@master ~]# #service的类型已修改为了NodePort,但是Cluster-IP仍会被创建 #PORT(S)中多了一个30470这个端口是Node的端口,并且每个Node上都会被开启 [root@master ~]# kubectl get svc web NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE web NodePort 10.110.196.161 <none> 80:30470/TCP 26h [root@master ~]# 在Node上查看端口 [root@master ~]# netstat -natlp | grep 30470 tcp 0 0 0.0.0.0:30470 0.0.0.0:* LISTEN 1606/kube-proxy [root@master ~]# [root@node1 ~]# netstat -natlp | grep 30470 tcp 0 0 0.0.0.0:30470 0.0.0.0:* LISTEN 1293/kube-proxy [root@node1 ~]# [root@master ~]# kubectl get node -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME master Ready master 246d v1.18.0 192.168.1.61 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1 node1 Ready <none> 246d v1.18.0 192.168.1.62 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1 node2 Ready <none> 246d v1.18.0 192.168.1.63 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1 [root@master ~]#
指定NodePort的端口,添加第10行 1 apiVersion: v1 2 kind: Service 3 metadata: 4 name: web 5 spec: 6 ports: 7 - port: 80 8 protocol: TCP 9 targetPort: 80 10 nodePort: 30008 11 selector: 12 app: web 13 type: NodePort [root@master ~]# [root@master ~]# kubectl apply -f service5.yaml service/web configured [root@master ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE web NodePort 10.110.196.161 <none> 80:30008/TCP 4d2h [root@master ~]#