#创建一个web [root@master ~]# kubectl create deployment nginx --image=nginx deployment.apps/nginx created [root@master ~]# #把web应用暴露出去 [root@master ~]# kubectl expose deployment nginx --port=80 --type=NodePort service/nginx exposed [root@master ~]# #外部客户通过server来访问web的应用,这就是service存在的意义 [root@master ~]# kubectl get pod,svc NAME READY STATUS RESTARTS AGE pod/nginx-f89759699-52lfr 0/1 ContainerCreating 0 36s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/nginx NodePort 10.102.12.94 <none> 80:30002/TCP 8s [root@master ~]#
[root@master ~]# cat java-demo2.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: java-demo2
spec:
replicas: 2 #当deployment中有多个容器时,外部客户端要访问deployment的应用
selector: #就需要通过service,这时的service就相当于一个loadblance
matchLabels:
app: java-demo
project: blog
template:
metadata:
labels:
app: java-demo
project: blog
spec:
containers:
- image: lizhenliang/java-demo
imagePullPolicy: Always
name: web
ports:
- containerPort: 80
[root@master ~]#
[root@master ~]# cat deployment4.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: java-demo2 #deployment的名称是java-demo2
spec:
replicas: 3
selector:
matchLabels:
project: blog
app: java-demo #deployment中的project/app的值要与pod中一样
template: #否则无法匹配到该Pod
metadata:
labels:
project: blog
app: java-demo
spec:
containers:
- name: web
image: lizhenliang/java-demo
ports:
- containerPort: 80
[root@master ~]#
[root@master ~]# cat service4.yaml
apiVersion: v1 #service的版本
kind: Service #资源的类型
metadata:
name: java-demo2 #一般与deploy名称一样
spec:
selector: #通过标签选择器来匹配deploy中的pod,名为java-demo2的service对应
project: blog #的pod就是名为java-demo2中的depmloyemnt中的三个pod,这三个pod的
app: java-demo #地址为 10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080
ports:
- protocol: TCP
port: 80
targetPort: 8080
type: NodePort
[root@master ~]#
[root@master ~]# kubectl get svc java-demo2
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
java-demo2 NodePort 10.104.171.129 <none> 80:30997/TCP 34s
[root@master ~]#
[root@master ~]# #查看java-demo2这个service关联的后端应用,后面的地址分别为
[root@master ~]# #10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080
[root@master ~]# #service与endpoints是一一对应的,service创建时endpoints会自动生成
[root@master ~]# kubectl get endpoints java-demo2
NAME ENDPOINTS AGE
java-demo2 10.244.1.156:8080,10.244.2.234:8080,10.244.2.235:8080 3m7s
[root@master ~]#
手工手成一个service文件
#生成service之前需要有一个deploy的资源
#为名为java-demo2的deploy暴露服务 --port=80 cluserIP的端口为80
# --target-port=80 Pod内的端口为80,在为deploy暴露服务的同时导出yaml文件
[root@master ~]# kubectl apply -f java-demo2.yaml
deployment.apps/java-demo2 created
[root@master ~]# kubectl expose deploy java-demo2 --port=80 --target-port=80 --dry-run=client -o yaml > service5.yaml
[root@master ~]# vim service5.yaml #编辑yaml文件,删除系统的状态信息
apiVersion: v1
kind: Service
metadata:
name: java-demo2
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: java-demo
project: blog
[root@master ~]#
清空pod为后续实验提供简洁的环境
[root@master ~]# kubectl delete deploy java-demo2
deployment.apps "java-demo2" deleted #生成一个deploy文件,并使用deployment部署pod
[root@master ~]# kubectl create deployment web --image=nginx --dry-run=client -o yaml > web5.yaml
[root@master ~]# vim web5.yaml #编辑yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: web
name: web
spec:
replicas: 2
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- image: nginx
name: nginx
[root@master ~]#
[root@master ~]# kubectl apply -f web5.yaml
deployment.apps/web created
[root@master ~]# kubectl get pods #确认pod的副本为2
NAME READY STATUS RESTARTS AGE
web-5dcb957ccc-6pjvf 1/1 Running 0 70s
web-5dcb957ccc-hwcvt 1/1 Running 0 70s
[root@master ~]# #为web5.yaml中的pod创建service,同时再次编辑service5.yaml文件
[root@master ~]# vim service5.yaml
apiVersion: v1
kind: Service
metadata:
name: web #service的名称通常与deploy名字一致,方便识别
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: web #这里标签匹配的是web,与web5.yaml中pod的标签一致,所以写这个server之前
#要确认deploy中pod的标签是什么,查看方法下面有介绍
[root@master ~]#
#可以查看deployment的web5.yaml文件中的15行,即deply的标签
#也可以用指令查看pod的标签
[root@master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
web-5dcb957ccc-6pjvf 1/1 Running 0 14m app=web,pod-template-hash=5dcb957ccc
web-5dcb957ccc-hwcvt 1/1 Running 0 14m app=web,pod-template-hash=5dcb957ccc
[root@master ~]#
[root@master ~]# kubectl apply -f service5.yaml
service/web created
[root@master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
web-5dcb957ccc-6pjvf 1/1 Running 0 18m
web-5dcb957ccc-hwcvt 1/1 Running 0 18m
[root@master ~]# #查看server的clusterIP
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
web ClusterIP 10.110.196.161 <none> 80/TCP 40s
[root@master ~]#
#查看web的后端IP地址,即web服务器集群的真实IP地址:
#10.244.2.238:80,10.244.2.239:80,这两个地址也正是
#VIP 10.110.196.161的后端IP地址
[root@master ~]# kubectl get endpoints web
NAME ENDPOINTS AGE
web 10.244.2.238:80,10.244.2.239:80 12m
[root@master ~]#
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
web-5dcb957ccc-6pjvf 1/1 Running 0 31m 10.244.2.239 node2
web-5dcb957ccc-hwcvt 1/1 Running 0 31m 10.244.2.238 node2
[root@master ~]#
#注意:这里的CLUSTER-IP 10.110.196.161是供集群内部使用的一个VIP,这个
#地址没有绑定在具体的设备上,所以是ping不通的。但在集群内部可以通过
# http://10.110.196.161来访问web
[root@node1 ~]# curl 10.110.196.161
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
#在master节点访问会很慢,是kubeadmi集群自身的原因
[root@master ~]# curl 10.110.196.161
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
#把service的类型修改为NodePort
[root@master ~]# vim service5.yaml
apiVersion: v1
kind: Service
metadata:
name: web
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: web
type: NodePort #如果没有这一行默认是Cluster-IP
[root@master ~]# kubectl apply -f service5.yaml
service/web configured
[root@master ~]# #service的类型已修改为了NodePort,但是Cluster-IP仍会被创建
#PORT(S)中多了一个30470这个端口是Node的端口,并且每个Node上都会被开启
[root@master ~]# kubectl get svc web
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
web NodePort 10.110.196.161 <none> 80:30470/TCP 26h
[root@master ~]#
在Node上查看端口
[root@master ~]# netstat -natlp | grep 30470
tcp 0 0 0.0.0.0:30470 0.0.0.0:* LISTEN 1606/kube-proxy
[root@master ~]#
[root@node1 ~]# netstat -natlp | grep 30470
tcp 0 0 0.0.0.0:30470 0.0.0.0:* LISTEN 1293/kube-proxy
[root@node1 ~]#
[root@master ~]# kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master Ready master 246d v1.18.0 192.168.1.61 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1
node1 Ready <none> 246d v1.18.0 192.168.1.62 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1
node2 Ready <none> 246d v1.18.0 192.168.1.63 <none> CentOS Linux 7 (Core) 3.10.0-862.el7.x86_64 docker://18.6.1
[root@master ~]#
指定NodePort的端口,添加第10行
1 apiVersion: v1
2 kind: Service
3 metadata:
4 name: web
5 spec:
6 ports:
7 - port: 80
8 protocol: TCP
9 targetPort: 80
10 nodePort: 30008
11 selector:
12 app: web
13 type: NodePort
[root@master ~]#
[root@master ~]# kubectl apply -f service5.yaml
service/web configured
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
web NodePort 10.110.196.161 <none> 80:30008/TCP 4d2h
[root@master ~]#
