kubernetes Service 之 headless和statefulSet-学习笔记-ABao阿宝

kubernetes Service 之 headless和statefulSet

分类：学习笔记
发表：2020-08-22
围观(499)
抢沙发

<a href="" title="" target="_blank"></a>#### 一、首先说headless Service和普通Service的区别

headless不分配clusterIP

headless service可以通过解析service的DNS,返回所有Pod的地址和DNS(statefulSet部署的Pod才有DNS)

普通的service,只能通过解析service的DNS返回service的ClusterIP

#### 二、statefulSet和Deployment控制器的区别

statefulSet下的Pod有DNS地址,通过解析Pod的DNS可以返回Pod的IP  deployment下的Pod没有DNS

#### 三、普通Service接续service的DNS结果

Service的ClusterIP工作原理:一个service可能对应一组endpoints(所有pod的地址+端口),client访问ClusterIP,通过iptables或者ipvs转发到Real Server(Pod),具体操作如下

```
#获取所有svc,看到gateway这个service的clusterIP是10.0.0.14
[root@master01 ~]# kubectl get svc -n ms   
NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
eureka             ClusterIP   None         <none>        8888/TCP   21h
gateway            ClusterIP   10.0.0.14    <none>        9999/TCP   20h
mysql-production   ClusterIP   10.0.0.251   <none>        3306/TCP   23h
portal             ClusterIP   10.0.0.124   <none>        8080/TCP   17h
#看到gateway这个service的具体信息
[root@master01 ~]# kubectl describe svc gateway -n ms  
Name:              gateway
Namespace:         ms
Labels:            <none>
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"gateway","namespace":"ms"},"spec":{"ports":[{"name":"gateway","po...
Selector:          app=gateway,project=ms
Type:              ClusterIP
IP:                10.0.0.14
Port:              gateway  9999/TCP
TargetPort:        9999/TCP
Endpoints:         10.244.1.212:9999   
#该service下的Pod地址
Session Affinity:  None
Events:            <none>
#进入一个容器测试解析
[root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh  
#测试解析gateway这个service的DNS
# nslookup gateway.ms.svc.cluster.local         
nslookup: can't resolve '(null)': Name does not resolve
Name:      gateway.ms.svc.cluster.local
#这个结果就是gateway这个service的ClusterIP
Address 1: 10.0.0.14 gateway.ms.svc.cluster.local

```

从上面的结果能看到,虽然Service有1个endpoint,但是DNS查询时只会返回Service的ClusterIP地址,具体Client访问的是哪个real server,由iptables或者ipvs决定

#### 四、headless Service的解析service的DNS结果

```
#查看所有SVC,看到eureka的这个headless service
[root@master01 ~]# kubectl get svc -n ms   
NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
eureka             ClusterIP   None         <none>        8888/TCP   21h
gateway            ClusterIP   10.0.0.14    <none>        9999/TCP   20h
mysql-production   ClusterIP   10.0.0.251   <none>        3306/TCP   23h
portal             ClusterIP   10.0.0.124   <none>        8080/TCP   18h
#看到eureka的这个headless service下面的endpoints
[root@master01 ~]# kubectl describe svc eureka -n ms  
Name:              eureka
Namespace:         ms
Labels:            <none>
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"eureka","namespace":"ms"},"spec":{"clusterIP":"None","ports":[{"n...
Selector:          app=eureka,project=ms
Type:              ClusterIP
IP:                None
Port:              eureka  8888/TCP
TargetPort:        8888/TCP
Endpoints:         10.244.1.210:8888,10.244.1.211:8888,10.244.2.45:8888
Session Affinity:  None
Events:            <none>
#进入容器测试解析
[root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh  
#通过解析eureka这个headless service的DNS地址,可以看到关联的具体endpoints信息
/ # nslookup eureka.ms.svc.cluster.local                    
nslookup: can't resolve '(null)': Name does not resolve

Name:      eureka.ms.svc.cluster.local
Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local
Address 2: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local
Address 3: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local  
#解析pod的DNS记录,也能返回Pod的IP 
/ # nslookup eureka-2.eureka.ms.svc.cluster.local   
nslookup: can't resolve '(null)': Name does not resolve

Name: eureka-2.eureka.ms.svc.cluster.local  
Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local
```

根据结果看到,dns查询会返回3个endpoint,也就是3个pod地址和DNS,通过解析pod的DNS也能返回Pod的IP

#### 五、headless Service就是没头的Service,有什么使用场景呢?

第一种:自主选择权,有时候client想自己决定使用哪个Real Server,可以通过查询DNS来获取Real Server的信息

第二种:headless 　service关联的每个endpoint(也就是Pod),都会有对应的DNS域名;这样Pod之间就可以互相访问

```
[root@master01 ~]# kubectl get sts -n ms    NAME     READY   AGE   eureka   3/3     22h
[root@master01 ~]# kubectl get svc -n ms
NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
eureka             ClusterIP   None         <none>        8888/TCP   21h
[root@master01 ~]# kubectl describe svc eureka -n ms
Name:              eureka
Namespace:         ms
Labels:            <none>
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"eureka","namespace":"ms"},"spec":{"clusterIP":"None","ports":[{"n...
Selector:          app=eureka,project=ms
Type:              ClusterIP
IP:                None
Port:              eureka  8888/TCP
TargetPort:        8888/TCP
Endpoints:         10.244.1.210:8888,10.244.1.211:8888,10.244.2.45:8888
Session Affinity:  None
Events:            <none>
[root@master01 ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh
/ # nslookup eureka.ms.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

Name:      eureka.ms.svc.cluster.local
Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local
Address 2: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local
Address 3: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local
/ # nslookup eureka-2.eureka.ms.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

Name:      eureka-2.eureka.ms.svc.cluster.local
Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local
/ # nslookup eureka-1.eureka.ms.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

Name:      eureka-1.eureka.ms.svc.cluster.local
Address 1: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local
/ # nslookup eureka-0.eureka.ms.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

Name:      eureka-0.eureka.ms.svc.cluster.local
Address 1: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local

```

如上,eureka就是我们场景的StatefulSet,对应的pod就是eureka-0,eureka-1,eureka-2,他们之间能互相访问,这样对于一些集群类型的应用就可以解决互相身份识别的问题了

#### 六、为什么要用headless service+statefulSet部署有状态应用?

1.headless service会为关联的Pod分配一个域

```
<service name>.$<namespace name>.svc.cluster.local
```

2.StatefulSet会为关联的Pod保持一个不变的Pod Name statefulset中Pod的hostname格式为

```
$(StatefulSet name)-$(pod序号)
```

3.StatefulSet会为关联的Pod分配一个dnsName
```
$<Pod Name>.$<service name>.$<namespace name>.svc.cluster.local
```

参考资料：
1、https://kubernetes.io/docs/concepts/services-networking/service/#headless-services
2、https://www.cnblogs.com/chadiandianwenrou/p/11937041.html

标签：

k8s

ABao阿宝

天道酬勤，厚积薄发。

本文暂无评论

回复给点击这里取消回复。

ABao阿宝

天道酬勤，厚积薄发。

本文 暂无 评论

回复给 点击这里取消回复。

本文暂无评论

回复给点击这里取消回复。