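Application Deployment, Operation and Management (Part 1)
Exposing container services
A pod object's IP address is reachable only inside the cluster, so a pod cannot directly receive request traffic from clients outside the cluster.
Earlier we practiced exposing services through Service resources (NodePort exposes the service through every node).
Now, leaving Service resources aside, there are two common approaches: the first is to map a port on the node where the pod runs; the second is to let the Pod share the network namespace of the worker node it runs on, so that the application process listens directly on the worker node's IP address and protocol port.
Below we create an example httpd service.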
[root@k8s-master01 yaml]# cat pod-using-hostport.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-using-hostport
  namespace: dev
spec:
  containers:
  - name: httpd
    image: httpd
    imagePullPolicy: Always
    ports:
    - name: http
      containerPort: 80
      protocol: TCP
      hostPort: 10080
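containerPort: required field; specifies the container port exposed on the pod object's IP address
name: the name that identifies this port; it must conform to the naming rules and be unique within the current pod
protocol: the protocol of the port; its value can only be TCP, SCTP or UDP.
hostPort: the host port; requests it receives are forwarded through the NAT mechanism to the container port specified by the containerPort field
hostIP: the host IP that the host port binds to; the default is all available IP addresses on the host
The httpd container defined in the manifest above exposes TCP port 80 of the container and names it http; the container can accept requests from clients outside the cluster through port 10080 of the worker node.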
[root@k8s-master01 yaml]# kubectl apply -f pod-using-hostport.yaml -n dev
pod/pod-using-hostport created
[root@k8s-master01 yaml]# kubectl get pods -n dev
NAME READY STATUS RESTARTS AGE
pod-nginx-68dc879f46-fcwxh 1/1 Running 0 142m
pod-nginx-68dc879f46-htp2z 1/1 Running 0 142m
pod-nginx-68dc879f46-kzhb5 1/1 Running 0 145m
pod-nginx-68dc879f46-rblxg 1/1 Running 0 142m
pod-using-hostport 1/1 Running 0 96s
[root@k8s-master01 yaml]# kubectl describe pods/pod-using-hostport -n dev | grep "^Node:"
Node: k8s-node01/10.122.138.245 # the worker node the pod was scheduled to
[root@k8s-master01 yaml]# curl 10.122.138.245:10080
<html><body><h1>It works!</h1></body></html>
Configuring a Pod to use the node network
[root@k8s-master01 yaml]# cat pod-using-hostnetwork.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-using-hostnetwork
  namespace: dev
spec:
  containers:
  - name: httpd
    image: httpd
    imagePullPolicy: Always
  hostNetwork: true
[root@k8s-master01 yaml]# kubectl apply -f pod-using-hostnetwork.yaml -n dev
pod/pod-using-hostnetwork created
[root@k8s-master01 yaml]# kubectl get pods -n dev
NAME READY STATUS RESTARTS AGE
pod-nginx-68dc879f46-fcwxh 1/1 Running 0 3h19m
pod-nginx-68dc879f46-htp2z 1/1 Running 0 3h19m
pod-nginx-68dc879f46-kzhb5 1/1 Running 0 3h22m
pod-nginx-68dc879f46-rblxg 1/1 Running 0 3h19m
pod-using-hostnetwork 1/1 Running 0 78s
pod-using-hostport 1/1 Running 0 58m
[root@k8s-master01 yaml]# kubectl describe pod/pod-using-hostnetwork -n dev
Name:         pod-using-hostnetwork
Namespace:    dev
Priority:     0
Node:         k8s-node03/10.122.138.247
Start Time:   Sun, 15 Aug 2021 16:01:26 +0800
Labels:       <none>
Annotations:  <none>
Status:       Running
IP:           10.122.138.247
IPs:
  IP:  10.122.138.247
Containers:
  httpd:
    Container ID:   docker://9c1f28f411c59b0273cb6c0b392cd308ef69dd5a6d8ac495bce1088db0107b88
    Image:          httpd
    Image ID:       docker-pullable://httpd@sha256:eacdd6c7419ab95b43a258321fc6b38cf56004de4f6a952fc0d96a12730e04de
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Sun, 15 Aug 2021 16:01:30 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-wt6qh (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-wt6qh:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-wt6qh
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age    From                 Message
  ----    ------     ----   ----                 -------
  Normal  Scheduled  3m21s                       Successfully assigned dev/pod-using-hostnetwork to k8s-node03
  Normal  Pulling    3m21s  kubelet, k8s-node03  Pulling image "httpd"
  Normal  Pulled     3m18s  kubelet, k8s-node03  Successfully pulled image "httpd" in 2.69434777s
  Normal  Created    3m18s  kubelet, k8s-node03  Created container httpd
  Normal  Started    3m18s  kubelet, k8s-node03  Started container httpd
[root@k8s-master01 yaml]# curl k8s-node03
<html><body><h1>It works!</h1></body></html>
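Both methods shown above bind a pod directly to a node address without going through a Service, so it is useful to be able to list which pods in a cluster do this. The following is an added example, not part of the original article: the function name find_host_exposure and the sample data are constructed for illustration, and the input is assumed to have the shape of kubectl get pods -A -o json.

```python
import json

# Constructed sample shaped like `kubectl get pods -n dev -o json`,
# mirroring the two pods defined on this page plus one ordinary pod.
SAMPLE = json.dumps({
    "items": [
        {"metadata": {"name": "pod-using-hostport", "namespace": "dev"},
         "spec": {"containers": [{"name": "httpd", "image": "httpd",
                  "ports": [{"name": "http", "containerPort": 80,
                             "protocol": "TCP", "hostPort": 10080}]}]}},
        {"metadata": {"name": "pod-using-hostnetwork", "namespace": "dev"},
         "spec": {"hostNetwork": True,
                  "containers": [{"name": "httpd", "image": "httpd"}]}},
        {"metadata": {"name": "pod-nginx", "namespace": "dev"},
         "spec": {"containers": [{"name": "nginx", "image": "nginx",
                  "ports": [{"containerPort": 80}]}]}},
    ]
})


def find_host_exposure(pod_list_json):
    """Return (namespace, pod, finding) tuples for pods bound to node networking."""
    findings = []
    for pod in json.loads(pod_list_json).get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        ns, name = meta.get("namespace", "default"), meta.get("name", "?")
        if spec.get("hostNetwork"):
            findings.append((ns, name, "hostNetwork: shares the node's network namespace"))
        # initContainers can declare ports too, so check both lists
        containers = spec.get("containers", []) + spec.get("initContainers", [])
        for c in containers:
            for port in c.get("ports", []):
                host_port = port.get("hostPort")
                if host_port:  # absent or 0 means no host port mapping
                    host_ip = port.get("hostIP") or "all node addresses"
                    findings.append((ns, name,
                        f"hostPort {host_port}/{port.get('protocol', 'TCP')} "
                        f"on {host_ip} -> {c['name']}:{port['containerPort']}"))
    return findings


if __name__ == "__main__":
    for ns, name, finding in find_host_exposure(SAMPLE):
        print(f"{ns}/{name}: {finding}")
```

The finding for pod-using-hostport reports "all node addresses" because its manifest sets no hostIP, which matches the default described above.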