×
ABao阿宝
天下难事,必作于易;天下大事,必作于细。
kubernetes Service 之 headless和statefulSet
分类:
学习笔记
发表:2020-08-22
围观(1648)
抢沙发
#### 一、首先说headless Service和普通Service的区别 headless不分配clusterIP headless service可以通过解析service的DNS,返回所有Pod的地址和DNS(statefulSet部署的Pod才有DNS) 普通的service,只能通过解析service的DNS返回service的ClusterIP #### 二、statefulSet和Deployment控制器的区别 statefulSet下的Pod有DNS地址,通过解析Pod的DNS可以返回Pod的IP deployment下的Pod没有DNS #### 三、普通Service接续service的DNS结果 Service的ClusterIP工作原理:一个service可能对应一组endpoints(所有pod的地址+端口),client访问ClusterIP,通过iptables或者ipvs转发到Real Server(Pod),具体操作如下 ``` #获取所有svc,看到gateway这个service的clusterIP是10.0.0.14 [root@master01 ~]# kubectl get svc -n ms NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE eureka ClusterIP None <none> 8888/TCP 21h gateway ClusterIP 10.0.0.14 <none> 9999/TCP 20h mysql-production ClusterIP 10.0.0.251 <none> 3306/TCP 23h portal ClusterIP 10.0.0.124 <none> 8080/TCP 17h #看到gateway这个service的具体信息 [root@master01 ~]# kubectl describe svc gateway -n ms Name: gateway Namespace: ms Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"gateway","namespace":"ms"},"spec":{"ports":[{"name":"gateway","po... Selector: app=gateway,project=ms Type: ClusterIP IP: 10.0.0.14 Port: gateway 9999/TCP TargetPort: 9999/TCP Endpoints: 10.244.1.212:9999 #该service下的Pod地址 Session Affinity: None Events: <none> #进入一个容器测试解析 [root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh #测试解析gateway这个service的DNS # nslookup gateway.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: gateway.ms.svc.cluster.local #这个结果就是gateway这个service的ClusterIP Address 1: 10.0.0.14 gateway.ms.svc.cluster.local ``` 从上面的结果能看到,虽然Service有1个endpoint,但是DNS查询时只会返回Service的ClusterIP地址,具体Client访问的是哪个real server,由iptables或者ipvs决定 #### 四、headless Service的解析service的DNS结果 ``` #查看所有SVC,看到eureka的这个headless service [root@master01 ~]# kubectl get svc -n ms NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE eureka ClusterIP None <none> 8888/TCP 21h gateway ClusterIP 10.0.0.14 <none> 9999/TCP 20h mysql-production ClusterIP 10.0.0.251 <none> 3306/TCP 23h portal ClusterIP 10.0.0.124 <none> 8080/TCP 18h #看到eureka的这个headless service下面的endpoints [root@master01 ~]# kubectl describe svc eureka -n ms Name: eureka Namespace: ms Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"eureka","namespace":"ms"},"spec":{"clusterIP":"None","ports":[{"n... Selector: app=eureka,project=ms Type: ClusterIP IP: None Port: eureka 8888/TCP TargetPort: 8888/TCP Endpoints: 10.244.1.210:8888,10.244.1.211:8888,10.244.2.45:8888 Session Affinity: None Events: <none> #进入容器测试解析 [root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh #通过解析eureka这个headless service的DNS地址,可以看到关联的具体endpoints信息 / # nslookup eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka.ms.svc.cluster.local Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local Address 2: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local Address 3: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local #解析pod的DNS记录,也能返回Pod的IP / # nslookup eureka-2.eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka-2.eureka.ms.svc.cluster.local Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local ``` 根据结果看到,dns查询会返回3个endpoint,也就是3个pod地址和DNS,通过解析pod的DNS也能返回Pod的IP #### 五、headless Service就是没头的Service,有什么使用场景呢? 第一种:自主选择权,有时候client想自己决定使用哪个Real Server,可以通过查询DNS来获取Real Server的信息 第二种:headless service关联的每个endpoint(也就是Pod),都会有对应的DNS域名;这样Pod之间就可以互相访问 ``` [root@master01 ~]# kubectl get sts -n ms NAME READY AGE eureka 3/3 22h [root@master01 ~]# kubectl get svc -n ms NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE eureka ClusterIP None <none> 8888/TCP 21h [root@master01 ~]# kubectl describe svc eureka -n ms Name: eureka Namespace: ms Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"eureka","namespace":"ms"},"spec":{"clusterIP":"None","ports":[{"n... Selector: app=eureka,project=ms Type: ClusterIP IP: None Port: eureka 8888/TCP TargetPort: 8888/TCP Endpoints: 10.244.1.210:8888,10.244.1.211:8888,10.244.2.45:8888 Session Affinity: None Events: <none> [root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh / # nslookup eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka.ms.svc.cluster.local Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local Address 2: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local Address 3: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local / # nslookup eureka-2.eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka-2.eureka.ms.svc.cluster.local Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local / # nslookup eureka-1.eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka-1.eureka.ms.svc.cluster.local Address 1: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local / # nslookup eureka-0.eureka.ms.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: eureka-0.eureka.ms.svc.cluster.local Address 1: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local ``` 如上,eureka就是我们场景的StatefulSet,对应的pod就是eureka-0,eureka-1,eureka-2,他们之间能互相访问,这样对于一些集群类型的应用就可以解决互相身份识别的问题了 #### 六、为什么要用headless service+statefulSet部署有状态应用? 1.headless service会为关联的Pod分配一个域 ``` <service name>.$<namespace name>.svc.cluster.local ``` 2.StatefulSet会为关联的Pod保持一个不变的Pod Name statefulset中Pod的hostname格式为 ``` $(StatefulSet name)-$(pod序号) ``` 3.StatefulSet会为关联的Pod分配一个dnsName ``` $<Pod Name>.$<service name>.$<namespace name>.svc.cluster.local ``` 参考资料: 1、https://kubernetes.io/docs/concepts/services-networking/service/#headless-services 2、https://www.cnblogs.com/chadiandianwenrou/p/11937041.html
标签:
k8s
本文
暂无
评论
回复给
点击这里取消回复。
验证码(*)
Top
Python
产品设计
学习笔记
网络基础
PHP
经营管理
运维开发
系统测试
Shell
Java
系统开发
Linux运维
运维架构
Go
×
本文 暂无 评论