k8s叢集容器外部與容器內部服務互相訪問
一.容器外部訪問容器內部服務
1.使用hostNetwork引數(容器內部服務與宿主機同一網段)
特點:當Pod排程到哪個節點就使用哪個節點的IP地址,客戶端使用IP地址訪問容器裡面的服務。一個node只能啟動一個pod埠,埠不能衝突。
[root@k8s01 yaml]# cat end-nginx.yaml
apiVersion: v1 kind: Pod metadata: name: nginx1 labels: app: web spec: hostNetwork: true containers: - name: ng-web image: nginx:latest imagePullPolicy: Never
[root@k8s01 yaml]# kubectl apply -f end-nginx.yaml
pod/nginx1 created
[root@k8s01 yaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx1 1/1 Running 0 72s 192.168.54.129 k8s02 <none> <none>
HTTP/1.1 200 OK
Server: nginx/1.17.5
Date: Wed, 27 Nov 2019 07:52:02 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 22 Oct 2019 14:30:00 GMT
Connection: keep-alive
ETag: "5daf1268-264"
Accept-Ranges: bytes
[root@k8s01 yaml]#
2.使用hostPort引數 (將容器內埠暴露出來)
特點:Pod排程到哪個節點就用哪個節點的IP址訪問, 埠可以隨機指定。生產環境pod必須與宿機繫結才可使用。
[root@k8s01 yaml]# cat end-nginx2.yaml
apiVersion: v1 kind: Pod metadata: name: nginx2 labels: app: web spec: containers: - name: ng-web2 image: nginx:latest imagePullPolicy: Never ports: - name: http containerPort: 80 --容器埠 hostPort: 80 --暴露埠 protocol: TCP
[root@k8s01 yaml]# kubectl apply -f end-nginx2.yaml
pod/nginx2 created
[root@k8s01 yaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx2 1/1 Running 0 4m31s 10.244.1.67 k8s02 <none> <none>
HTTP/1.1 200 OK
Server: nginx/1.17.5
Date: Wed, 27 Nov 2019 08:15:24 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 22 Oct 2019 14:30:00 GMT
Connection: keep-alive
ETag: "5daf1268-264"
Accept-Ranges: bytes
3.使用NodePort引數
特 點:使用node節點的IP加埠可以訪問Pod服務,master節點IP不可以訪問。埠範圍30000-32767。
[root@k8s01 yaml]# cat end-nginx3.yaml
apiVersion: v1 kind: Pod metadata: name: nginx3 labels: app: web spec: containers: - name: ng-web3 image: nginx:latest imagePullPolicy: Never ports: - containerPort: 80 --- kind: Service apiVersion: v1 metadata: name: ng-service spec: type: NodePort ports: - name: http port: 80 nodePort: 31000 selector: --後端Pod標籤 app: web
[root@k8s01 yaml]# kubectl apply -f end-nginx3.yaml
pod/nginx3 created
service/ng-service created
[root@k8s01 yaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx3 1/1 Running 0 63s 10.244.1.77 k8s02 <none> <none>
[root@k8s01 yaml]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
ng-service NodePort 10.102.52.148 <none> 80:31000/TCP 66s app=web
HTTP/1.1 200 OK
Server: nginx/1.17.5
Date: Wed, 27 Nov 2019 08:47:33 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 22 Oct 2019 14:30:00 GMT
Connection: keep-alive
ETag: "5daf1268-264"
Accept-Ranges: bytes
4.使用 LoadBalancer引數
特點:必須使用雲服務商提供一個VIP地址,只能node節點的IP地址可以訪問,master地址不能訪問。
[root@k8s01 yaml]# cat end-nginx4.yaml
apiVersion: v1 kind: Pod metadata: name: nginx4 labels: app: web spec: containers: - name: ng-web4 image: nginx:latest imagePullPolicy: Never ports: - containerPort: 80 --- kind: Service apiVersion: v1 metadata: name: ng-lb spec: type: LoadBalancer ports: - name: http port: 80 selector: app: web status: --如果有vip就要寫,沒有就不用寫。 loadBalancer: ingress: - ip: 192.168.54.131
[root@k8s01 yaml]# kubectl apply -f end-nginx4.yaml
pod/nginx4 created
service/ng-lb created
[root@k8s01 yaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx4 1/1 Running 0 4m6s 10.244.1.80 k8s02 <none> <none>
[root@k8s01 yaml]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
ng-lb LoadBalancer 10.99.49.195
<pending> 80:30183/TCP 4m10s app=web --沒有VIP地址
HTTP/1.1 200 OK
Server: nginx/1.17.5
Date: Wed, 27 Nov 2019 09:11:01 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 22 Oct 2019 14:30:00 GMT
Connection: keep-alive
ETag: "5daf1268-264"
Accept-Ranges: bytes
二.容器內部服務訪問外部服務
1.使用 hostNetwork引數(Pod與宿主機IP在同一網段)
[root@k8s01 yaml]# cat mysql.yaml
apiVersion: v1 kind: Pod metadata: name: nginx5 labels: app: mysql spec: hostNetwork: true containers: - name: db-mysql image: nginx:latest imagePullPolicy: Never
[root@k8s01 yaml]# kubectl apply -f mysql.yaml
pod/nginx5 created
[root@k8s01 yaml]# kubectl exec -it nginx5 /bin/bash
root@nginx5:/# apt-get update --更新建立
root@nginx5:/# apt-get install mysql* --安裝mysql包
root@nginx5:/# mysql -h 192.168.54.130 -u repl -p123456 --登陸mysql資料庫
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 16
Server version: 5.7.27 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| wuhan |
+--------------------+
5 rows in set (0.001 sec)
MySQL [(none)]>
2.使用endpoints元件
[root@k8s01 yaml]# cat endpoint.yaml
apiVersion: v1 kind: Endpoints metadata: name: mysql-test namespace: default subsets: - addresses: - ip: 192.168.54.130 --指定宿機主mysql伺服器 ports: - port: 3306 --指定埠 --- apiVersion: v1 kind: Service metadata: name: mysql-test --service後端指向endpoints地址 labels: app: abc spec: ports: - port: 3306 --- apiVersion: v1 kind: Pod metadata: name: nginx6 --啟動一個容器,測試連線mysql labels: app: db spec: containers: - name: mysql-test image: nginx:latest imagePullPolicy: Never
endpoints/mysql-test created
service/mysql-test created
pod/nginx6 created
[root@k8s01 yaml]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx6 1/1 Running 0 12s 10.244.1.85 k8s02 <none> <none>
[root@k8s01 yaml]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
mysql-test ClusterIP 10.98.57.89 <none> 3306/TCP 16s <none>
[root@k8s01 yaml]# kubectl get endpoints -o wide
NAME ENDPOINTS AGE
mysql-test 192.168.54.130:3306 21s
[root@k8s01 yaml]# kubectl exec -it nginx6 /bin/bash
root@ nginx6:/# mysql -h mysql-test -u repl -p123456 --使用endpoints名字(對映到service,service對映到192.168.54.130)
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 19
Server version: 5.7.27 MySQL Community Server (GPL)
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| wuhan |
+--------------------+
5 rows in set (0.001 sec)
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/25854343/viewspace-2665927/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- 在kubernetes 叢集內訪問k8s API服務K8SAPI
- 容器監控—阿里雲&容器內部服務監控阿里
- docker 中容器通過 API 互相訪問DockerAPI
- docker 中容器透過 API 互相訪問DockerAPI
- k8s叢集訪問外部域名不穩定K8S
- Terraform部署容器服務Swarm叢集及WordPress應用ORMSwarm
- 手把手教你使用容器服務 TKE 叢集審計排查問題
- 事件與服務容器事件
- 急問:關於Web容器叢集和EJB叢集Web
- Docker容器內部埠對映到外部宿主機埠Docker
- 基於 K8s 容器叢集的容災架構與方案K8S架構
- 如何透過port-forward命令在本地訪問 k8s 叢集服務ForwardK8S
- OpenStack外部網路不能訪問內部VM
- Laravel服務容器Laravel
- 在K8S中,外部訪問容器服務,比如說提供了一個域名,鏈路怎麼走?資料經過哪些元件?K8S元件
- 【docker-ce】k8s叢集docker容器異常重啟問題分析DockerK8S
- K8S叢集pod容器與宿主機時鐘不一致K8S
- 如何監控docker容器內的服務程式Docker
- 關於k8s叢集容器日誌收集的總結K8S
- 深入Laravel服務容器Laravel
- docker內服務訪問宿主機服務Docker
- OpenStack容器服務Zun初探與原理分析
- 除錯 Docker 容器內部程式除錯Docker
- Docker容器內部修改時區Docker
- docker網路問題解決辦法“大全”:關於宿主機訪問不了docker容器中web服務,或者容器內訪問不了外網的問題的解決辦法DockerWeb
- 建立sshd服務容器,並使宿主機與容器免密通訊
- Docker容器內部埠對映到外部宿主機埠的方法小結Docker
- 容器化 | 在 K8s 上部署 RadonDB MySQL Operator 和叢集K8SMySql
- Docker 容器搭建及 Redis 叢集原理DockerRedis
- Docker容器使用靜態獨立的外部IP(便於叢集組建)Docker
- Kubernetes(k8s)叢集部署(k8s企業級Docker容器集K8SDocker
- 深入剖析 Laravel 服務容器Laravel
- Docker容器服務搭建(一)Docker
- 騰訊雲容器服務日誌採集最佳實踐
- Laravel修煉:服務容器繫結與解析Laravel
- 非k8s環境下,進入docker某個容器內部K8SDocker
- 利用容器逃逸實現遠端登入k8s叢集節點K8S
- Holer實現外網ssh訪問內網Docker容器內網Docker