Kubernetes K8S之Pod跨namespace名称空间访问Service服务
Kubernetes的两个Service(ServiceA、ServiceB)和对应的Pod(PodA、PodB)分别属于不同的namespace名称空间,现需要PodA和PodB跨namespace名称空间并通过Service实现互访。应该如何实现?
场景需求
Kubernetes的两个Service(ServiceA、ServiceB)和对应的Pod(PodA、PodB)分别属于不同的namespace名称空间,现需要PodA和PodB跨namespace名称空间并通过Service实现互访。如何实现?
说明:这里是指通过Service的Name进行通信访问,而不是通过Service的IP【因因为每次重启Service,NAME不会改变,而IP是会改变的】。
主机配置规划
服务器名称(hostname) |
系统版本 |
配置 |
内网IP |
外网IP(模拟) |
---|---|---|---|---|
k8s-master |
CentOS7.7 |
2C/4G/20G |
172.16.1.110 |
10.0.0.110 |
k8s-node01 |
CentOS7.7 |
2C/4G/20G |
172.16.1.111 |
10.0.0.111 |
k8s-node02 |
CentOS7.7 |
2C/4G/20G |
172.16.1.112 |
10.0.0.112 |
创建Service和Pod
相关yaml文件
1 [root@k8s-master cross_ns]# pwd
2 /root/k8s_practice/cross_ns
3 [root@k8s-master cross_ns]#
4 [root@k8s-master cross_ns]# cat deply_service_myns.yaml
5 apiVersion: v1
6 kind: Namespace
7 metadata:
8 name: myns
9 ---
10 apiVersion: apps/v1
11 kind: Deployment
12 metadata:
13 name: myapp-deploy1
14 namespace: myns
15 spec:
16 replicas: 2
17 selector:
18 matchLabels:
19 app: myapp
20 release: v1
21 template:
22 metadata:
23 labels:
24 app: myapp
25 release: v1
26 spec:
27 containers:
28 - name: myapp
29 image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1
30 imagePullPolicy: IfNotPresent
31 ports:
32 - name: http
33 containerPort: 80
34 ---
35 apiVersion: v1
36 kind: Service
37 metadata:
38 name: myapp-clusterip1
39 namespace: myns
40 spec:
41 type: ClusterIP # 默认类型
42 selector:
43 app: myapp
44 release: v1
45 ports:
46 - name: http
47 port: 80
48 targetPort: 80
49
50 [root@k8s-master cross_ns]#
51 [root@k8s-master cross_ns]# cat deply_service_mytest.yaml
52 apiVersion: v1
53 kind: Namespace
54 metadata:
55 name: mytest
56 ---
57 apiVersion: apps/v1
58 kind: Deployment
59 metadata:
60 name: myapp-deploy2
61 namespace: mytest
62 spec:
63 replicas: 2
64 selector:
65 matchLabels:
66 app: myapp
67 release: v2
68 template:
69 metadata:
70 labels:
71 app: myapp
72 release: v2
73 spec:
74 containers:
75 - name: myapp
76 image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v2
77 imagePullPolicy: IfNotPresent
78 ports:
79 - name: http
80 containerPort: 80
81 ---
82 apiVersion: v1
83 kind: Service
84 metadata:
85 name: myapp-clusterip2
86 namespace: mytest
87 spec:
88 type: ClusterIP # 默认类型
89 selector:
90 app: myapp
91 release: v2
92 ports:
93 - name: http
94 port: 80
95 targetPort: 80
运行yaml文件
1 kubectl apply -f deply_service_myns.yaml
2 kubectl apply -f deply_service_mytest.yaml
查看myns名称空间信息
1 [root@k8s-master cross_ns]# kubectl get svc -n myns -o wide
2 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
3 myapp-clusterip1 ClusterIP 10.100.61.11 <none> 80/TCP 3m app=myapp,release=v1
4 [root@k8s-master cross_ns]#
5 [root@k8s-master cross_ns]# kubectl get deploy -n myns -o wide
6 NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
7 myapp-deploy1 2/2 2 2 3m7s myapp registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 app=myapp,release=v1
8 [root@k8s-master cross_ns]#
9 [root@k8s-master cross_ns]# kubectl get rs -n myns -o wide
10 NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
11 myapp-deploy1-5b9d78576c 2 2 2 3m15s myapp registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 app=myapp,pod-template-hash=5b9d78576c,release=v1
12 [root@k8s-master cross_ns]#
13 [root@k8s-master cross_ns]# kubectl get pod -n myns -o wide
14 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
15 myapp-deploy1-5b9d78576c-wfw4n 1/1 Running 0 3m20s 10.244.2.136 k8s-node02 <none> <none>
16 myapp-deploy1-5b9d78576c-zsfjl 1/1 Running 0 3m20s 10.244.3.193 k8s-node01 <none> <none>
查看mytest名称空间信息
1 [root@k8s-master cross_ns]# kubectl get svc -n mytest -o wide
2 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
3 myapp-clusterip2 ClusterIP 10.100.201.103 <none> 80/TCP 4m9s app=myapp,release=v2
4 [root@k8s-master cross_ns]#
5 [root@k8s-master cross_ns]# kubectl get deploy -n mytest -o wide
6 NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
7 myapp-deploy2 2/2 2 2 4m15s myapp registry.cn-beijing.aliyuncs.com/google_registry/myapp:v2 app=myapp,release=v2
8 [root@k8s-master cross_ns]#
9 [root@k8s-master cross_ns]# kubectl get rs -n mytest -o wide
10 NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
11 myapp-deploy2-dc8f96497 2 2 2 4m22s myapp registry.cn-beijing.aliyuncs.com/google_registry/myapp:v2 app=myapp,pod-template-hash=dc8f96497,release=v2
12 [root@k8s-master cross_ns]#
13 [root@k8s-master cross_ns]# kubectl get pod -n mytest -o wide
14 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
15 myapp-deploy2-dc8f96497-nnkqn 1/1 Running 0 4m27s 10.244.3.194 k8s-node01 <none> <none>
16 myapp-deploy2-dc8f96497-w47dt 1/1 Running 0 4m27s 10.244.2.137 k8s-node02 <none> <none>
只看Service和Pod
1 [root@k8s-master cross_ns]# kubectl get pod -A -o wide | grep -E '(my)|(NAME)'
2 NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
3 myns myapp-deploy1-5b9d78576c-wfw4n 1/1 Running 0 41m 10.244.2.136 k8s-node02 <none> <none>
4 myns myapp-deploy1-5b9d78576c-zsfjl 1/1 Running 0 41m 10.244.3.193 k8s-node01 <none> <none>
5 mytest myapp-deploy2-dc8f96497-nnkqn 1/1 Running 0 41m 10.244.3.194 k8s-node01 <none> <none>
6 mytest myapp-deploy2-dc8f96497-w47dt 1/1 Running 0 41m 10.244.2.137 k8s-node02 <none> <none>
7 [root@k8s-master cross_ns]#
8 [root@k8s-master cross_ns]#
9 [root@k8s-master cross_ns]# kubectl get svc -A -o wide | grep -E '(my)|(NAME)'
10 NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
11 myns myapp-clusterip1 ClusterIP 10.100.61.11 <none> 80/TCP 41m app=myapp,release=v1
12 mytest myapp-clusterip2 ClusterIP 10.100.201.103 <none> 80/TCP 41m app=myapp,release=v2
pod跨名称空间namespace与Service通信
说明:是通过Service的NAME进行通信,而不是Service的IP【因为每次重启Service,NAME不会改变,而IP是会改变的】。
1 # 进入ns名称空间下的一个Pod容器
2 [root@k8s-master cross_ns]# kubectl exec -it -n myns myapp-deploy1-5b9d78576c-wfw4n sh
3 / # cd /root/
4 ### 如下说明在同一名称空间下,通信无问题
5 ~ # ping myapp-clusterip1
6 PING myapp-clusterip1 (10.100.61.11): 56 data bytes
7 64 bytes from 10.100.61.11: seq=0 ttl=64 time=0.046 ms
8 64 bytes from 10.100.61.11: seq=1 ttl=64 time=0.081 ms
9 ~ #
10 ~ # wget myapp-clusterip1 -O myns.html
11 Connecting to myapp-clusterip1 (10.100.61.11:80)
12 myns.html 100%
13 ~ #
14 ~ # cat myns.html
15 Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
16
17 ### 如下说明在不同的名称空间下,通过Service的NAME进行通信存在问题
18 ~ # ping myapp-clusterip2
19 ping: bad address 'myapp-clusterip2'
20 ~ #
21 ~ # wget myapp-clusterip2 -O mytest.html
22 wget: bad address 'myapp-clusterip2'
实现跨namespace与Service通信
通过Service的ExternalName类型即可实现跨namespace名称空间与Service通信。
Service域名格式:(service name).(namespace).svc.cluster.local,其中 cluster.local 为指定的集群的域名
相关yaml文件
1 [root@k8s-master cross_ns]# pwd
2 /root/k8s_practice/cross_ns
3 [root@k8s-master cross_ns]#
4 [root@k8s-master cross_ns]# cat svc_ExternalName_visit.yaml
5 # 实现 myns 名称空间的pod,访问 mytest 名称空间的Service:myapp-clusterip2
6 apiVersion: v1
7 kind: Service
8 metadata:
9 name: myapp-clusterip1-externalname
10 namespace: myns
11 spec:
12 type: ExternalName
13 externalName: myapp-clusterip2.mytest.svc.cluster.local
14 ports:
15 - name: http
16 port: 80
17 targetPort: 80
18 ---
19 # 实现 mytest 名称空间的Pod,访问 myns 名称空间的Service:myapp-clusterip1
20 apiVersion: v1
21 kind: Service
22 metadata:
23 name: myapp-clusterip2-externalname
24 namespace: mytest
25 spec:
26 type: ExternalName
27 externalName: myapp-clusterip1.myns.svc.cluster.local
28 ports:
29 - name: http
30 port: 80
31 targetPort: 80
运行yaml文件
1 [root@k8s-master cross_ns]# kubectl apply -f svc_ExternalName_visit.yaml
2 [root@k8s-master cross_ns]#
3 [root@k8s-master cross_ns]# kubectl get svc -A -o wide | grep -E '(ExternalName)|(NAME)'
4 NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
5 myns myapp-clusterip1-externalname ExternalName <none> myapp-clusterip2.mytest.svc.cluster.local 80/TCP 28s <none>
6 mytest myapp-clusterip2-externalname ExternalName <none> myapp-clusterip1.myns.svc.cluster.local 80/TCP 28s <none>
pod跨名称空间namespace与Service通信
到目前所有service和pod信息查看
1 [root@k8s-master cross_ns]# kubectl get svc -A -o wide | grep -E '(my)|(NAME)'
2 NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
3 myns myapp-clusterip1 ClusterIP 10.100.61.11 <none> 80/TCP 62m app=myapp,release=v1
4 myns myapp-clusterip1-externalname ExternalName <none> myapp-clusterip2.mytest.svc.cluster.local 80/TCP 84s <none>
5 mytest myapp-clusterip2 ClusterIP 10.100.201.103 <none> 80/TCP 62m app=myapp,release=v2
6 mytest myapp-clusterip2-externalname ExternalName <none> myapp-clusterip1.myns.svc.cluster.local 80/TCP 84s <none>
7 [root@k8s-master cross_ns]#
8 [root@k8s-master cross_ns]# kubectl get pod -A -o wide | grep -E '(my)|(NAME)'
9 NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
10 myns myapp-deploy1-5b9d78576c-wfw4n 1/1 Running 0 62m 10.244.2.136 k8s-node02 <none> <none>
11 myns myapp-deploy1-5b9d78576c-zsfjl 1/1 Running 0 62m 10.244.3.193 k8s-node01 <none> <none>
12 mytest myapp-deploy2-dc8f96497-nnkqn 1/1 Running 0 62m 10.244.3.194 k8s-node01 <none> <none>
13 mytest myapp-deploy2-dc8f96497-w47dt 1/1 Running 0 62m 10.244.2.137 k8s-node02 <none> <none>
myns 名称空间的pod,访问 mytest 名称空间的Service:myapp-clusterip2
1 [root@k8s-master cross_ns]# kubectl exec -it -n myns myapp-deploy1-5b9d78576c-wfw4n sh
2 / # cd /root/
3 ### 如下说明在同一名称空间下,通信无问题
4 ~ # ping myapp-clusterip1
5 PING myapp-clusterip1 (10.100.61.11): 56 data bytes
6 64 bytes from 10.100.61.11: seq=0 ttl=64 time=0.057 ms
7 64 bytes from 10.100.61.11: seq=1 ttl=64 time=0.071 ms
8 ………………
9 ~ #
10 ~ # wget myapp-clusterip1 -O myns.html
11 Connecting to myapp-clusterip1 (10.100.61.11:80)
12 myns.html 100%
13 ~ #
14 ~ # cat myns.html
15 Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
16
17 ### 如下说明通过Service externalname类型,实现了Pod跨namespace名称空间与Service访问
18 ~ # ping myapp-clusterip1-externalname
19 PING myapp-clusterip1-externalname (10.100.201.103): 56 data bytes
20 64 bytes from 10.100.201.103: seq=0 ttl=64 time=0.050 ms
21 64 bytes from 10.100.201.103: seq=1 ttl=64 time=0.311 ms
22 ………………
23 ~ #
24 ~ # wget myapp-clusterip1-externalname -O mytest.html
25 Connecting to myapp-clusterip1-externalname (10.100.201.103:80)
26 mytest.html 100%
27 ~ #
28 ~ # cat mytest.html
29 Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
mytest 名称空间的Pod,访问 myns 名称空间的Service:myapp-clusterip1
1 [root@k8s-master cross_ns]# kubectl exec -it -n mytest myapp-deploy2-dc8f96497-w47dt sh
2 / # cd /root/
3 ### 如下说明在同一名称空间下,通信无问题
4 ~ # ping myapp-clusterip2
5 PING myapp-clusterip2 (10.100.201.103): 56 data bytes
6 64 bytes from 10.100.201.103: seq=0 ttl=64 time=0.087 ms
7 64 bytes from 10.100.201.103: seq=1 ttl=64 time=0.073 ms
8 ………………
9 ~ #
10 ~ # wget myapp-clusterip2 -O mytest.html
11 Connecting to myapp-clusterip2 (10.100.201.103:80)
12 mytest.html 100%
13 ~ #
14 ~ # cat mytest.html
15 Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
16
17 ### 如下说明通过Service externalname类型,实现了Pod跨namespace名称空间与Service访问
18 ~ # ping myapp-clusterip2-externalname
19 PING myapp-clusterip2-externalname (10.100.61.11): 56 data bytes
20 64 bytes from 10.100.61.11: seq=0 ttl=64 time=0.089 ms
21 64 bytes from 10.100.61.11: seq=1 ttl=64 time=0.071 ms
22 ………………
23 ~ #
24 ~ # wget myapp-clusterip2-externalname -O myns.html
25 Connecting to myapp-clusterip2-externalname (10.100.61.11:80)
26 myns.html 100%
27 ~ #
28 ~ # cat myns.html
29 Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
由上可见,实现了Pod跨namespace名称空间与Service访问。
完毕!
———END——— 如果觉得不错就关注下呗 (-^O^-) !
- 谈谈C# 4.0新特性“缺省参数”的实现
- 如何实现对上下文(Context)数据的统一管理 [提供源代码下载]
- 不再和人工智能对弈?柯洁:我要食言了
- Spring实战——Profile
- Spring实战——XML和JavaConfig的混合配置
- ambari安装指南
- Spring实战——通过Java代码装配bean
- WCF技术剖析之三十一: WCF事务编程[中篇]
- Spring实战——无需一行xml配置实现自动化注入
- 基于改进人工蜂群算法的K均值聚类算法(附MATLAB版源代码)
- RabbitMQ入门-Routing直连模式
- WCF技术剖析之三十二:一步步创建一个完整的分布式事务应用
- .NET的资源并不限于.resx文件,你可以采用任意存储形式[上篇]
- RabbitMQ入门-消息订阅模式
- JavaScript 教程
- JavaScript 编辑工具
- JavaScript 与HTML
- JavaScript 与Java
- JavaScript 数据结构
- JavaScript 基本数据类型
- JavaScript 特殊数据类型
- JavaScript 运算符
- JavaScript typeof 运算符
- JavaScript 表达式
- JavaScript 类型转换
- JavaScript 基本语法
- JavaScript 注释
- Javascript 基本处理流程
- Javascript 选择结构
- Javascript if 语句
- Javascript if 语句的嵌套
- Javascript switch 语句
- Javascript 循环结构
- Javascript 循环结构实例
- Javascript 跳转语句
- Javascript 控制语句总结
- Javascript 函数介绍
- Javascript 函数的定义
- Javascript 函数调用
- Javascript 几种特殊的函数
- JavaScript 内置函数简介
- Javascript eval() 函数
- Javascript isFinite() 函数
- Javascript isNaN() 函数
- parseInt() 与 parseFloat()
- escape() 与 unescape()
- Javascript 字符串介绍
- Javascript length属性
- javascript 字符串函数
- Javascript 日期对象简介
- Javascript 日期对象用途
- Date 对象属性和方法
- Javascript 数组是什么
- Javascript 创建数组
- Javascript 数组赋值与取值
- Javascript 数组属性和方法
- Linux静态链接库使用类模板的快速排序算法
- TP5(thinkPHP5)框架使用ajax实现与后台数据交互的方法小结
- php post换行的方法
- apache实现部署多个网站(一个ip部署多域名)的方法详解
- windows7 32、64位下python爬虫框架scrapy环境的搭建方法
- python实现简单名片管理系统
- PHP7创建COOKIE和销毁COOKIE的实例方法
- PHP实现新型冠状病毒疫情实时图的实例
- 深入浅析Python2.x和3.x版本的主要区别
- 用户态进程如何得到虚拟地址对应的物理地址?
- Linux中利用grep命令如何检索文件内容详解
- laravel框架学习笔记之组件化开发实现方法
- PHP7创建销毁session的实例方法
- Vim如何使用相对行号实现一切操作详解
- laravel 框架执行流程与原理简单分析