中山半江红网站建设,专业的网络营销公司,新媒体运营和ui设计哪个好,免费咨询英文一 、服务发布方式对比 二者主要区别在于#xff1a;
1、部署复杂性#xff1a;传统的服务发布方式通常涉及手动配置 和管理服务器、网络设置、负载均衡等#xff0c;过程相对复 杂且容易出错。相比之下#xff0c;Kubernetes服务发布方式 通过使用容器编排和自动化部署工…
一 、服务发布方式对比 二者主要区别在于
1、部署复杂性传统的服务发布方式通常涉及手动配置 和管理服务器、网络设置、负载均衡等过程相对复 杂且容易出错。相比之下Kubernetes服务发布方式 通过使用容器编排和自动化部署工具简化了部署过程使得服务的创建、部署和管理更加容易和高效。
2、弹性伸缩Kubernetes 具有自动弹性伸缩功能可 以根据实际需求自动增加或减少容器数量以保持服 务的稳定性和性能。传统服务发布方式通常需要手动 调整服务器规模难以实现快速弹性伸缩。
3、容错性Kubernetes 具有内置的容错机制当某个 容器出现故障时Kubernetes 会自动将其从集群中 移除并重新启动一个新的容器。这有助于保持服务 的可用性和稳定性。传统服务发布方式可能无法很好 地处理此类故障导致服务中断。
4、资源利用率Kubernetes 通过容器化技术可以实 现资源的共享和动态分配提高了资源的利用率。传 统服务发布方式可能会因服务器资源的浪费而降低资 源利用率。
5、可维护性Kubernetes 提供了强大的可维护性功 能例如服务发现、配置管理和版本控制等。这些功 能有助于简化服务的维护和升级过程。传统服务发布 方式可能需要更多的手动维护工作且升级过程可能 更加复杂。
6、成本虽然 Kubernetes 需要一定的学习曲线和初始 配置成本但从长远来看其自动化部署、弹性伸缩 和资源优化等功能可以帮助企业节省大量的运维成 本。传统服务发布方式可能需要更多的运维人力和资 源投入。
二、Label 和 Selector
Label标签可以对 K8S 的些对象如 Pod 和节点 进行分组通过添加 keyvalue 格式的标签用于区 分同样的资源不同的分组。
Selector标签选择器可以根据资源标签查询出精 确的对象信息。 1、自定义 Label
为某个节点添加标签 Label [rootk8s-master wp]# kubectl label nodes k8s-node01 abc1node/k8s-node01 labeled[rootk8s-master wp]# kubectl get node -l abc1NAME STATUS ROLES AGE VERSIONk8s-node01 Ready none 11d v1.28.2
在 deployment 或其他控制器中指定将 Pod 部署到该 节点
(创建nginx deployment 让他只能部署在node01上) [rootk8s-master wp]# vim nginx-deploy.yamlapiVersion: apps/v1kind: Deploymentmetadata:name: nginxspec:replicas: 3selector:matchLabels:app: nginxtemplate:metadata:labels:app: nginxspec:nodeSelector:abc: 1containers:- name: nginximage: docker.io/library/nginx:latestimagePullPolicy: Neverports:- name: nginxportcontainerPort: 80[rootk8s-master wp]# kubectl create -f nginx-deploy.yaml deployment.apps/nginx created[rootk8s-master wp]# kubectl get pod -owideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATEScluster-test-66bb44bd88-zdfdf 1/1 Running 4 (45m ago) 10d 172.16.85.214 k8s-node01 none nonemariadb-deployment-55bc54f6f5-kbbzm 1/1 Running 0 107m 172.16.58.215 k8s-node02 none nonenginx-6bb6dc9958-5b965 1/1 Running 0 55s 172.16.85.219 k8s-node01 none nonenginx-6bb6dc9958-hx4wg 1/1 Running 0 55s 172.16.85.218 k8s-node01 none nonenginx-6bb6dc9958-wlhj9 1/1 Running 0 55s 172.16.85.220 k8s-node01 none none# pod已添加到node01节点上
2、污点信息 # 查看master的污点信息该master为禁调度节点[rootk8s-master wp]# kubectl describe nodes k8s-master | grep TaintsTaints: node-role.kubernetes.io/control-plane:NoSchedule# 可通过该命令去除master节点的禁调度污点但正常情况下不允许这么做因为master节点是管理node节点的不需要进行负载[rootk8s-master wp]# kubectl taint node k8s-master node-role.kubernetes.io/control-planeerror: at least one taint update is required[rootk8s-master wp]# kubectl taint node k8s-master node-role.kubernetes.io/control-plane:NoScheduleerror: node k8s-master already has node-role.kubernetes.io/control-plane taint(s) with same effect(s) and --overwrite is false
3、为各节点设置 Label # 为master节点设置master角色标签[rootk8s-master wp]# kubectl label nodes k8s-master rolemasternode/k8s-master labeled# 为node节点设置node角色标签[rootk8s-master wp]# kubectl label nodes k8s-node01 k8s-node02 rolenodenode/k8s-node01 labelednode/k8s-node02 labeled
4、Selector 选择器 # 查看所有节点的标签[rootk8s-master wp]# kubectl get nodes --show-labels NAME STATUS ROLES AGE VERSION LABELSk8s-master Ready control-plane 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-master,kubernetes.io/oslinux,node-role.kubernetes.io/control-plane,node.kubernetes.io/exclude-from-external-load-balancers,rolemasterk8s-node01 Ready none 11d v1.28.2 abc11,beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node01,kubernetes.io/oslinux,rolenodek8s-node02 Ready none 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node02,kubernetes.io/oslinux,rolenode# 匹配标签匹配规则role这个key的value在master和node之间[rootk8s-master wp]# kubectl get nodes -l role in (master, node)NAME STATUS ROLES AGE VERSIONk8s-master Ready control-plane 11d v1.28.2k8s-node01 Ready none 11d v1.28.2k8s-node02 Ready none 11d v1.28.2# 选择匹配role为master或node且不包括abc1的node[rootk8s-master wp]# kubectl get nodes -l abc!1,role in (master, node)NAME STATUS ROLES AGE VERSIONk8s-master Ready control-plane 11d v1.28.2k8s-node02 Ready none 11d v1.28.2# 匹配标签的key为abc的node[rootk8s-master wp]# kubectl get nodes -l abcNAME STATUS ROLES AGE VERSIONk8s-node01 Ready none 11d v1.28.2
5、修改标签
将 abc1 这个标签改为 abc11直接指定 key 然后使用 --overwrite 参数重写标签 [rootk8s-master wp]# kubectl label nodes k8s-node01 abc11error: abc already has a value (1), and --overwrite is false[rootk8s-master wp]# kubectl label nodes k8s-node01 abc11 --overwrite node/k8s-node01 labeled[rootk8s-master wp]# kubectl get node --show-labelsNAME STATUS ROLES AGE VERSION LABELSk8s-master Ready control-plane 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-master,kubernetes.io/oslinux,node-role.kubernetes.io/control-plane,node.kubernetes.io/exclude-from-external-load-balancersk8s-node01 Ready none 11d v1.28.2 abc11,beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node01,kubernetes.io/oslinuxk8s-node02 Ready none 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node02,kubernetes.io/oslinux[rootk8s-master wp]# kubectl get pod -owideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATEScluster-test-66bb44bd88-zdfdf 1/1 Running 6 (29m ago) 10d 172.16.85.214 k8s-node01 none nonemariadb-deployment-55bc54f6f5-kbbzm 1/1 Running 0 3h30m 172.16.58.215 k8s-node02 none nonenginx-6bb6dc9958-5b965 1/1 Running 0 104m 172.16.85.219 k8s-node01 none nonenginx-6bb6dc9958-hx4wg 1/1 Running 0 104m 172.16.85.218 k8s-node01 none nonenginx-6bb6dc9958-wlhj9 1/1 Running 0 104m 172.16.85.220 k8s-node01 none none[rootk8s-master wp]# kubectl delete -f nginx-deploy.yamldeployment.apps nginx deleted[rootk8s-master wp]# kubectl create -f nginx-deploy.yamldeployment.apps/nginx created# 找不到标签为abc1的node节点就会自动挂起[rootk8s-master wp]# kubectl get pod -owideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATEScluster-test-66bb44bd88-zdfdf 1/1 Running 6 (30m ago) 10d 172.16.85.214 k8s-node01 none nonemariadb-deployment-55bc54f6f5-kbbzm 1/1 Running 0 3h31m 172.16.58.215 k8s-node02 none nonenginx-6bb6dc9958-l4mrm 0/1 Pending 0 2s none none none nonenginx-6bb6dc9958-mw29p 0/1 Pending 0 2s none none none nonenginx-6bb6dc9958-v8flb 0/1 Pending 0 2s none none none none
6、删除标签
删除 node01 的 abc11 的标签 [rootk8s-master wp]# kubectl label nodes k8s-node01 role-node/k8s-node01 unlabeled[rootk8s-master wp]# kubectl get node --show-labels | grep k8s-node01k8s-node01 Ready none 11d v1.28.2 abc11,beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node01,kubernetes.io/oslinux[rootk8s-master wp]# kubectl label nodes k8s-node01 abc-node/k8s-node01 unlabeled[rootk8s-master wp]# kubectl get node --show-labels | grep k8s-node01k8s-node01 Ready none 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node01,kubernetes.io/oslinux
批量删除标签 # 先为多个节点设定标签[rootk8s-master wp]# kubectl label nodes k8s-master k8s-node01 k8s-node02 typehahanode/k8s-master labelednode/k8s-node01 labelednode/k8s-node02 labeled# 直接让所有node节点删除以type为key的标签[rootk8s-master wp]# kubectl label nodes -l type type-node/k8s-master unlabelednode/k8s-node01 unlabelednode/k8s-node02 unlabeled# 为多个节点设定标签[rootk8s-master wp]# kubectl label nodes k8s-master k8s-node01 k8s-node02 typehahanode/k8s-master labelednode/k8s-node01 labelednode/k8s-node02 labeled# 可以使用for循环删除多个但并非全部节点的标签[rootk8s-master wp]# for i in 01 02;do kubectl label nodes k8s-node$i type-;donenode/k8s-node01 unlabelednode/k8s-node02 unlabeled[rootk8s-master wp]# kubectl get nodes --show-labels NAME STATUS ROLES AGE VERSION LABELSk8s-master Ready control-plane 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-master,kubernetes.io/oslinux,node-role.kubernetes.io/control-plane,node.kubernetes.io/exclude-from-external-load-balancers,rolemaster,typehahak8s-node01 Ready none 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node01,kubernetes.io/oslinuxk8s-node02 Ready none 11d v1.28.2 beta.kubernetes.io/archamd64,beta.kubernetes.io/oslinux,kubernetes.io/archamd64,kubernetes.io/hostnamek8s-node02,kubernetes.io/oslinux
三、Service
1、K8S 的 Service
Kubernetesk8s中的 Service 是一种抽象概念它定 义了一种可以访问 Pod 逻辑分组的策略。它通常通过 Label Selector 访问 Pod 组解决了 Pod 的 IP 地址可 能发生变化的问题。 2、定义 Service
需要注意的是Service 能够将一个接收端口映射到任意 的 targetPort但如果 targetPort 为空targetPort 将 被设置为与 Port 字段相同的值。targetPort 可以设置为 一个字符串可引用 backend Pod 的一个端口的名称 这样的话即使更改了 Pod 的端口也不会对 Service 的 访问造成影响。
Kubernetes Service 能够支持 TCP、UDP、STCP 等协 议默认为 TCP 协议。 # 访问server001:80 即可访问到具有 appserver001 标签的 Pod 的80 端口上。[rootk8s-master wp]# vim server001.yamlapiVersion: v1kind: Servicemetadata:name: server001spec:selector:app: server001 # 要匹配的pod标签ports:- port: 80 # service的端口 protocol: TCP # 协议targetPort: 80 # 目标容器的端口type: ClusterIP[rootk8s-master wp]# kubectl create -f server001.yaml service/server001 created[rootk8s-master wp]# kubectl get serviceNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 none 443/TCP 11dserver001 ClusterIP 10.96.96.142 none 80/TCP 13s[rootk8s-master wp]# curl 10.96.96.142:80curl: (7) Failed connect to 10.96.96.142:80; 拒绝连接
3、创建 Service
1使用service代理pod [rootk8s-master wp]# kubectl run serverpodtest --image docker.io/library/nginx:alpine --image-pull-policy Neverpod/serverpodtest created[rootk8s-master wp]# kubectl label pod serverpodtest appserver001pod/serverpodtest labeled[rootk8s-master wp]# kubectl get pod --show-labels NAME READY STATUS RESTARTS AGE LABELScluster-test-66bb44bd88-zdfdf 1/1 Running 6 (43m ago) 10d appcluster-test,pod-template-hash66bb44bd88mariadb-deployment-55bc54f6f5-kbbzm 1/1 Running 0 3h45m appmariadb,pod-template-hash55bc54f6f5serverpodtest 1/1 Running 0 114s appserver001,runserverpodtest[rootk8s-master wp]# curl 10.96.96.142:80!DOCTYPE htmlhtmlheadtitleWelcome to nginx!/titlestylehtml { color-scheme: light dark; }body { width: 35em; margin: 0 auto;font-family: Tahoma, Verdana, Arial, sans-serif; }/style/headbodyh1Welcome to nginx!/h1pIf you see this page, the nginx web server is successfully installed andworking. Further configuration is required./ppFor online documentation and support please refer toa hrefhttp://nginx.org/nginx.org/a.br/Commercial support is available ata hrefhttp://nginx.com/nginx.com/a./ppemThank you for using nginx./em/p/body/html
2使用service代理deployment
重新定义了一个service
deployment [rootk8s-master wp]# vim deployment001.yamlapiVersion: apps/v1kind: Deploymentmetadata:name: test000deployment # deploy资源名称labels:app: test000deployment # 标签run: abcspec:replicas: 4selector:matchLabels:app: nginxtest # 配置pod标签template:metadata:labels:app: nginxtestspec:containers:- name: nginximage: docker.io/library/nginx:alpineimagePullPolicy: Neverports:- name: nginxportcontainerPort: 80
service [rootk8s-master wp]# vim service001.yamlapiVersion: v1kind: Servicemetadata:name: nginxtestspec:selector:app: nginxtestports:- port: 80targetPort: 80protocol: TCPtype: ClusterIP
代理测试 [rootk8s-master wp]# kubectl create -f deployment001.yaml[rootk8s-master wp]# kubectl create -f service001.yaml [rootk8s-master wp]# kubectl get poNAME READY STATUS RESTARTS AGEcluster-test-66bb44bd88-zdfdf 1/1 Running 7 (57m ago) 10dmariadb-deployment-55bc54f6f5-kbbzm 1/1 Running 0 4h58mtest000deployment-5496fcbccd-4t87g 1/1 Running 0 9m5stest000deployment-5496fcbccd-bng7r 1/1 Running 0 9m5stest000deployment-5496fcbccd-gmpxm 1/1 Running 0 9m5stest000deployment-5496fcbccd-h2kms 1/1 Running 0 9m5s[rootk8s-master wp]# kubectl get serviceNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 none 443/TCP 11dnginxtest ClusterIP 10.96.99.183 none 80/TCP 2m37s# curl通说明service和pod连接成功# 此时如果删除了pod根据deployment特性会再次建立pod而这时pod的IP地址会发生变化# 但根据k8s的service特性不论后面的pod的IP如何变化只要绑定了对应pod的标签就可以访问到pod[rootk8s-master wp]# curl 10.96.99.183!DOCTYPE htmlhtmlheadtitleWelcome to nginx!/title
4、Service 类型
K8S Service Type服务类型主要包括
ClusterIP在集群内部使用默认值只能从集群中 访问。
NodePort在所有安装了 Kube-Proxy 的节点上打 开一个端口此端口可以代理至后端Pod可以通过 NodePort 从集群外部访问集群内的服务格式为 NodelP:NodePort。
LoadBalancer使用云提供商的负载均衡器公开服 务成本较高。
ExternalName通过返回定义的 CNAME 别名没 有设置任何类型的代理需要1.7 或更高版本kubedns 支持。
5、NodePort 类型
如果将 Service 的 Type 字段设置为 NodePort则 K8S 将从指定范围(默认 30000-32767)内自动分配端口也 可手动指定 NodePort创建该 Service 后集群中的每 个节点都将暴露一个端口通过某个宿主机的 IP端口即 可访问到后端应用。
定义格式如下 [rootk8s-master wp]# vim service001.yaml apiVersion: v1kind: Servicemetadata:name: nginxtestspec:selector:app: nginxtestports:- port: 80targetPort: 80protocol: TCPtype: NodePort
重新加载 yaml [rootk8s-master wp]# kubectl delete -f service001.yaml service nginxtest deleted[rootk8s-master wp]# kubectl create -f service001.yaml service/nginxtest created# 服务的80端口映射到了宿主机的30462端口[rootk8s-master wp]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 none 443/TCP 11dnginxtest NodePort 10.96.70.126 none 80:30462/TCP 6s
宿主机访问测试http://10.0.0.66:30462 修改随机端口为指定端口范围30000-32767 [rootk8s-master wp]# kubectl edit svc nginxtest error: services nginxtest is invalidservice/nginxtest edited 再次访问测试
三个节点都是可以访问的 6、使用 Service 代理 K8S 外部 服务
使用场景
希望在生产环境中使用某个固定的名称而非 IP 地址访 问外部的中间件服务;
希望 Service 指向另一个 Namespace 中或其他集群 中的服务;
正在将工作负载转移到 Kubernetes 集群但是一部 分服务仍运行在 Kubernetes 集群之外的 backend。
外部Service 配置 [rootk8s-master wp]# vim test001ext.yamlapiVersion: v1kind: Servicemetadata:name: test001servicespec:selector:app: extports:- port: 80targetPort: 80protocol: TCPtype: ClusterIP # 修改类型为ClusterIP只需要k8s集群访问---apiVersion: v1kind: Endpointsmetadata:name: extlabels:app: extsubsets:- addresses:- ip: 10.0.0.99 # 更改为另一台主机的IP这台主机要安装nginx方便测试ports:- name: nginxport: 80protocol: TCP[rootk8s-master wp]# kubectl create -f test001ext.yaml service/test001service createdendpoints/ext created
四、实战Ingress 搭建 NginxWP 论坛 MariaDB
1、网站架构 本次部署形式完全舍弃 Docker将所有应用都置于 Kubernetes采用 Deployment 而非单 Pod 部署稳 定性得到升级。、
在上次实战环节Nginx 作为反向代理服务器在本次 实战中Nginx 便作为 Ingress Controller。Wordpress 扩容到两个提高可用性。而 MariaDB 因为要保证数据 一致性所以只用一个实例。
2、部署 MariaDB
1定义 ConfigMap # configmap[rootk8s-master aa]# vim mariadb-configmap.yamlapiVersion: v1kind: ConfigMapmetadata:name: mariadb-configmapdata:USER: wpPASSWORD: 123ROOT_PASSWORD: 123DATABASE: db
2定义 Deployment # deployment[rootk8s-master aa]# vim mariadb-deployment.yamlapiVersion: apps/v1kind: Deploymentmetadata:name: mariadb-deploymentlabels:app: mariadb-deploymentspec:replicas: 1selector:matchLabels:app: mariadb-deploymenttemplate:metadata:labels:app: mariadb-deploymentspec:containers:- name: mariadbimage: docker.io/library/mariadb:latestimagePullPolicy: Neverports:- name: mariadbportcontainerPort: 3306envFrom:- prefix: MARIADB_configMapRef:name: mariadb-configmap
3定义 Service # service[rootk8s-master aa]# vim mariadb-service.yamlapiVersion: v1kind: Servicemetadata:name: mariadb-servicespec:selector:app: mariadb-deployment # 指定mariaDB的deployment标签ports:- port: 3306targetPort: 3306protocol: TCPtype: NodePort
4启动 MariaDB [rootk8s-master aa]# kubectl create -f mariadb-configmap.yaml configmap/mariadb-configmap created[rootk8s-master aa]# kubectl get cmNAME DATA AGEkube-root-ca.crt 1 11dmariadb-configmap 4 13m[rootk8s-master aa]# kubectl create -f mariadb-deployment.yaml deployment.apps/mariadb-deployment created[rootk8s-master aa]# kubectl get pod -owideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATEScluster-test-66bb44bd88-zdfdf 1/1 Running 9 (48m ago) 11d 172.16.85.214 k8s-node01 none nonemariadb-deployment-5bf6d9f98c-lxlhm 1/1 Running 0 4m47s 172.16.58.221 k8s-node02 none none[rootk8s-master aa]# mysql -h172.16.58.221 -p123MariaDB [(none)] [rootk8s-master aa]# kubectl create -f mariadb-service.yaml service/mariadb-service created[rootk8s-master aa]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 none 443/TCP 11dmariadb-service NodePort 10.96.247.148 none 3306:30318/TCP 24s 使用测试工具进行测试访问解析域名 [rootk8s-master aa]# kubectl get podNAME READY STATUS RESTARTS AGEcluster-test-66bb44bd88-zdfdf 1/1 Running 10 (105s ago) 11d[rootk8s-master aa]# kubectl exec -it pods/cluster-test-66bb44bd88-zdfdf -- bash(08:44 cluster-test-66bb44bd88-zdfdf:/) nslookup mariadb-serviceServer: 10.96.0.10Address: 10.96.0.10#53Name: mariadb-service.default.svc.cluster.localAddress: 10.96.247.148
3、部署 Wrodpress
1定义 ConfigMap [rootk8s-master aa]# vim wordpress-configmap.yamlapiVersion: v1kind: ConfigMapmetadata:name: wordpress-configmapdata:NAME: dbUSER: wpPASSWORD: 123HOST: mariadb-service # 将此处写为mariadb的service名称不用再写IP
2定义Deployment [rootk8s-master aa]# vim wordpress-deployment.yaml apiVersion: apps/v1kind: Deploymentmetadata:name: wordpress-deploymentlabels:app: wordpress-deploymentspec:replicas: 2selector:matchLabels:app: wordpress-deploymenttemplate:metadata:labels:app: wordpress-deploymentspec:containers:- name: wpimage: docker.io/library/wordpress:latestimagePullPolicy: Neverports:- name: wordpressprotcontainerPort: 80envFrom:- prefix: WORDPRESS_DB_configMapRef:name: wordpress-configmap
3定义 Service [rootk8s-master aa]# vim wordpress-service.yamlapiVersion: v1kind: Servicemetadata:name: wordpress-servicespec:selector:app: wordpress-deploymentports:- name: httpport: 80targetPort: 80nodePort: 32000protocol: TCPtype: NodePort
4启动 WordPress [rootk8s-master aa]# kubectl create -f wordpress-configmap.yaml configmap/wordpress-configmap created[rootk8s-master aa]# kubectl get cmNAME DATA AGEkube-root-ca.crt 1 11dmariadb-configmap 4 84mwordpress-configmap 4 1s[rootk8s-master aa]# kubectl create -f wordpress-deployment.yaml deployment.apps/wordpress-deployment created[rootk8s-master aa]# kubectl get deployments.apps NAME READY UP-TO-DATE AVAILABLE AGEcluster-test 1/1 1 1 11dmariadb-deployment 1/1 1 1 74mwordpress-deployment 2/2 2 2 2s[rootk8s-master aa]# kubectl create -f wordpress-service.yaml service/wordpress-service created[rootk8s-master aa]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 none 443/TCP 12dmariadb-service NodePort 10.96.247.148 none 3306:30318/TCP 62mwordpress-service NodePort 10.96.67.149 none 80:32000/TCP 2s
现在就可以做访问网站测试了此时是没有 Ingress 的
4、访问测试
访问 10.0.0.66:32000 五、Ingress
1、Ingress 概念
Ingress 是 Kubernetes 中的一种资源对象用于将外部 流量路由到集群内部的服务。它充当了一个入口 (gateway) 的角色可以根据不同的规则将流量导向到不 同的服务从而实现负载均衡和路由管理。
使用 ingress 可以将多个服务公开给外部网络并进行 灵活的流量控制。通常与 ingress controller如 nginx ingress controller、HAProxy 等一起使用ingress controller 负责实际的流量管理和请求转发操作。
Service 是由 kube-proxy 控制的四层负载均衡端口 IP而 Ingress 是七层负载均衡的 API 对象主机名、 URI、请求头、证书等。 2、Ingress Controller
Service 本身是没有服务能力的它只是一些 iptables 规 则真正配置、应用这些规则的实际上是节点里的 kube-proxy 组件。如果没有 kube-proxyService 定义 得再完善也没有用。
Ingress 也只是一些 HTTP 路由规则的集合相当于一份 静态的描述文件真正要把这些规则在集群里实施运 行还需要有另外一个东西这就是 Ingress Controller它的作用就相当于 Service 的 kubeproxy能够读取、应用 Ingress 规则处理、调度流 量。
Nginx 是代理服务器中稳定性最好、性能最高的产品 所以它可以被誉为 Kubernetes 里应用最为广泛的 Ingress Controller。
3、Ingress Class
随着 Ingress 在实践中的大量应用很多用户发现 IngressIngress Controller 这种用法会带来一些问题 比如
由于某些原因项目组需要引入不同的 Ingress Controller但 Kubernetes 不允许这样做。
Ingress 规则太多都交给一个 Ingress Controller 处 理会让它不堪重负。
多个 Ingress 对象没有很好的逻辑分组方式管理和 维护成本很高。
集群里有不同的租户他们对 Ingress 的需求差异很 大甚至有冲突无法部署在同一个 Ingress Controller 上。
而 K8S 提出了一个 Ingress Class 的概念让它插在 Ingress 和 Ingress Controller 中间作为流量规则和控 制器的协调人解除了 Ingress 和 Ingress Controller 的 强绑定关系。
Kubernetes 用户可以转向管理 Ingress Class用它来 定义不同的业务逻辑分组简化 Ingress 规则的复杂 度。
比如说我们可以用 Class A 处理博客流量、Class B 处 理短视频流量、Class C 处理购物流量。 4、部署 Nginx Ingress Controller
1安装 Ingress Controller [rootk8s-master aa]# kubectl create -f ingress.yaml [rootk8s-master aa]# kubectl get pod -n ingress-nginx NAME READY STATUS RESTARTS AGEingress-nginx-admission-create-mp7xv 0/1 Completed 0 21mingress-nginx-admission-patch-922p4 0/1 Completed 0 21mingress-nginx-controller-674f66cf96-6wljn 1/1 Running 0 21m[rootk8s-master aa]# kubectl describe pod -n ingress-nginx ingress-nginx-controller-674f66cf96-6wljnEvents:Type Reason Age From Message---- ------ ---- ---- -------Normal Scheduled 25m default-scheduler Successfully assigned ingress-nginx/ingress-nginx-controller-674f66cf96-6wljn to k8s-node01Warning FailedMount 23m (x8 over 25m) kubelet MountVolume.SetUp failed for volume webhook-cert : secret ingress-nginx-admission not foundNormal Pulling 22m kubelet Pulling image registry.cn-beijing.aliyuncs.com/dotbalo/ingress-nginx-controller:v1.7.1Normal Pulled 20m kubelet Successfully pulled image registry.cn-beijing.aliyuncs.com/dotbalo/ingress-nginx-controller:v1.7.1 in 2m27.43s (2m27.43s including waiting)Normal Created 20m kubelet Created container controllerNormal Started 20m kubelet Started container controllerNormal RELOAD 20m nginx-ingress-controller NGINX reload triggered due to a change in configuration[rootk8s-master aa]# kubectl get svc -A | grep ingress-nginxNAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEingress-nginx ingress-nginx-controller NodePort 10.96.144.127 none 80:30886/TCP,443:31360/TCP 27mingress-nginx ingress-nginx-controller-admission ClusterIP 10.96.126.23 none 443/TCP 27m# 记住ingress-nginx-controller的端口映射8030886
2部署 Ingress [rootk8s-master aa]# vim ingress-001.yaml apiVersion: networking.k8s.io/v1kind: Ingressmetadata:name: wp-ingress # Ingress名称namespace: defaultspec:ingressClassName: nginx # Controller类型rules: # 路由规则- host: wp-web.com # 域名http:paths:- path: /pathType: ImplementationSpecific # 路径匹配⽅式backend:service:name: wordpress-service # service名称这里要匹配到wordpress的serviceport:number: 80 # service的端⼝号[rootk8s-master aa]# kubectl create -f ingress-001.yaml ingress.networking.k8s.io/wp-ingress created[rootk8s-master ~]# kubectl get ingressNAME CLASS HOSTS ADDRESS PORTS AGEwp-ingress nginx wp-web.com 10.0.0.77 80 9h[rootk8s-master aa]# kubectl get podNAME READY STATUS RESTARTS AGEcluster-test-66bb44bd88-zdfdf 1/1 Running 15 (37m ago) 11dmariadb-deployment-5bf6d9f98c-lxlhm 1/1 Running 1 (97m ago) 18hwordpress-deployment-d6cd85444-74848 1/1 Running 1 (97m ago) 16hwordpress-deployment-d6cd85444-hnxxh 1/1 Running 1 (97m ago) 16h[rootk8s-master aa]# kubectl exec -it cluster-test-66bb44bd88-zdfdf -- bash(02:39 cluster-test-66bb44bd88-zdfdf:/) nslookup wordpress-serviceServer: 10.96.0.10Address: 10.96.0.10#53Name: wordpress-service.default.svc.cluster.localAddress: 10.96.67.149[rootk8s-master ~]# kubectl get pod -n ingress-nginxNAME READY STATUS RESTARTS AGEingress-nginx-admission-create-mp7xv 0/1 Completed 0 9hingress-nginx-admission-patch-922p4 0/1 Completed 0 9hingress-nginx-controller-674f66cf96-6wljn 1/1 Running 1 (8h ago) 9h# 修改本机的域名解析 [rootk8s-master aa]# kubectl get service -n ingress-nginx NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEingress-nginx-controller NodePort 10.96.144.127 none 80:30886/TCP,443:31360/TCP 57mingress-nginx-controller-admission ClusterIP 10.96.126.23 none 443/TCP 57m 遗留问题重启后数据库信息将消失 解决方案持久化保存
