alden_ygq

alden_ygq

关注
发信
关注(28)粉丝(399)

Kubernetes实战(五)-pod之间网络请求实战

1 同namespace内pod网络请求

1.1 创建namespace ygq

$ kubectl create namespace ygq
namespace/ygq created

1.2 创建svc和deployment 

在naemspace ygq下创建两个应用:nginx和nginx-test。

1.2.1 部署应用nginx

$ cat nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
  namespace: ygq
spec:
  selector:
    app: nginx
  ports:
  - port: 80
  type: ClusterIP
$ cat deployment-nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx
  name: nginx
  namespace: ygq
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx
    spec:
      containers:
      - image: docker.io/library/nginx:latest
        name: nginx
        imagePullPolicy: IfNotPresent
      imagePullSecrets:
      - name: harbor-login
$ kubectl apply -f nginx-svc.yaml
$ kubectl apply -f deployment-nginx.yaml
$ kubectl get svc -n ygq 
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
nginx        ClusterIP   192.168.245.168   <none>        80/TCP    3d
$ kubectl get pod -n ygq
NAME                          READY   STATUS    RESTARTS        AGE
nginx-547cc75cb7-j46zl        1/1     Running   0               2d22h

1.2.2 部署应用nginx-test

$ cat nginx-test-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-test
  namespace: ygq
spec:
  selector:
    app: nginx-test
  ports:
  - port: 80
  type: ClusterIP
$ cat deployment-nginx-test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx-test
  name: nginx-test
  namespace: ygq
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-test
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx-test
    spec:
      containers:
      - image: docker.io/library/nginx:latest
        name: nginx
        imagePullPolicy: IfNotPresent
      imagePullSecrets:
      - name: harbor-login
$ kubectl apply -f nginx-test-svc.yaml
$ kubectl apply -f deployment-nginx-test.yaml
$ kubectl get svc -n ygq 
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
nginx-test   ClusterIP   192.168.97.154    <none>        80/TCP    3d
$ kubectl get pod -n ygq
NAME                          READY   STATUS    RESTARTS        AGE
nginx-test-6c5f4dfc79-2ldhg   1/1     Running   1 (2d23h ago)   3d

1.3 测试nginx与nginx-test互相访问

1.3.1 nginx访问nginx-test

1.3.1.1 登录nginx pod
$ kubectl exec -it nginx-547cc75cb7-j46zl /bin/bash -n ygq 
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
1.3.1.2 svc name方式访问nginx-test
root@nginx-547cc75cb7-j46zl:/# curl nginx 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
1.3.1.3 pod ip方式访问nginx-test
# kubectl get pod -n ygq -o wide 
NAME                          READY   STATUS    RESTARTS        AGE     IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-test-6c5f4dfc79-2ldhg   1/1     Running   1 (2d23h ago)   3d      172.20.176.17   cn-shanghai.10.12.46.85   <none>           <none>

pod ip是172.20.176.17。

root@nginx-547cc75cb7-j46zl:/# curl http://172.20.176.17:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
1.3.1.4 dns方式访问

deployment nginx-test的端口为80,其dns为:nginx-test.ygq.svc.cluster.local:80,简写为:nginx-test.ygq.svc:80。

1)完整dns

root@nginx-547cc75cb7-j46zl:/# curl http://nginx-test.ygq.svc.cluster.local:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2)简写dns

root@nginx-547cc75cb7-j46zl:/# curl http://nginx-test.ygq.svc:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

1.3.2  nginx-test访问nginx

1.3.2.1 登录nginx-test pod
$ kubectl exec -it nginx-test-6c5f4dfc79-2ldhg /bin/bash -n ygq 
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
1.3.2.2 svc name方式访问nginx
root@nginx-test-6c5f4dfc79-2ldhg:/# curl nginx 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
1.3.2.3 pod ip方式访问nginx
$ kubectl get pod -n ygq -o wide 
NAME                          READY   STATUS    RESTARTS        AGE     IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-547cc75cb7-j46zl        1/1     Running   0               2d23h   172.20.176.24   cn-shanghai.10.12.46.85   <none>           <none>
root@nginx-test-6c5f4dfc79-2ldhg:/# curl http://172.20.176.24:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
1.3.2.4 dns方式访问

deployment nginx的端口为80,其dns为:nginx.ygq.svc.cluster.local:80,简写为:nginx.ygq.svc:80。

1)完整dns

root@nginx-test-6c5f4dfc79-2ldhg:/# curl nginx.ygq.svc.cluster.local:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2)简写dns

root@nginx-test-6c5f4dfc79-2ldhg:/# curl nginx.ygq.svc:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

1.4 结论

同namespace下不同pod直接可通过svc name、pod ip及dns互相访问。

2 不同namespace间pod网络请求

2.1 创建namespace dev

$ kubectl create namespace dev
namespace/dev created

2.2 创建svc和deployment 

在naemspace dev下创建应用:nginx-dev。

2.2.1 部署应用nginx-dev

$ cat deployment-nginx-dev.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx-dev
  name: nginx-dev
  namespace: dev
spec:
  replicas: 4
  selector:
    matchLabels:
      app: nginx-dev
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx-dev
    spec:
      containers:
      - image: docker.io/library/nginx:latest
        name: nginx
        imagePullPolicy: IfNotPresent
      imagePullSecrets:
      - name: harbor-login
$ cat nginx-dev-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-dev
  namespace: dev
spec:
  selector:
    app: nginx-dev
  ports:
  - port: 80
  type: ClusterIP
$ kubectl apply -f nginx-dev-svc.yaml
$ kubectl apply -f deployment-nginx-dev.yaml
# kubectl get svc -n dev
NAME        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
nginx-dev   ClusterIP   192.168.28.113   <none>        80/TCP    3d
$ kubectl get pod -n dev
NAME                         READY   STATUS    RESTARTS     AGE
nginx-dev-5966c9747d-gbdq4   1/1     Running   1 (3d ago)   3d

2.3 测试nginx与nginx-dev互相访问

2.3.1 nginx访问nginx-dev

2.3.1.1 登录nginx pod
$ kubectl exec -it nginx-547cc75cb7-j46zl /bin/bash -n ygq 
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
2.3.1.2 svc name方式访问
root@nginx-547cc75cb7-j46zl:/# curl nginx-dev
curl: (6) Could not resolve host: nginx-dev
2.3.1.3 pod ip方式访问 
$ kubectl get pod -n dev -o wide
NAME                         READY   STATUS    RESTARTS     AGE   IP             NODE                      NOMINATED NODE   READINESS GATES
nginx-dev-5966c9747d-gbdq4   1/1     Running   1 (3d ago)   3d    172.20.176.9   cn-shanghai.10.12.46.85   <none>           <none>
root@nginx-547cc75cb7-j46zl:/# curl 172.20.176.9:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
2.3.1.4 dns方式访问

deployment nginx-dev的端口为80,其dns为:nginx-dev.dev.svc.cluster.local:80,简写为:nginx-dev.dev.svc:80。

1)完整dns

root@nginx-547cc75cb7-j46zl:/# curl nginx-dev.dev.svc.cluster.local:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2)简写dns

root@nginx-547cc75cb7-j46zl:/# curl nginx-dev.dev.svc:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2.3.2 nginx-dev访问nginx

2.3.2.1 登录nginx-dev pod
$ kubectl exec -it nginx-dev-5966c9747d-gbdq4 /bin/bash -n dev
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
2.3.2.2 svc name方式访问
root@nginx-dev-5966c9747d-gbdq4:/# curl nginx    
curl: (6) Could not resolve host: nginx
2.3.2.3 pod ip方式访问
$ kubectl get pod -n ygq -o wide 
NAME                          READY   STATUS    RESTARTS     AGE     IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-547cc75cb7-j46zl        1/1     Running   0            2d23h   172.20.176.24   cn-shanghai.10.12.46.85   <none>           <none>
root@nginx-dev-5966c9747d-gbdq4:/# curl 172.20.176.24:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
2.3.2.4 dns方式访问

deployment nginx的端口为80,其dns为:nginx.ygq.svc.cluster.local:80,简写为:nginx.ygq.svc:80。

1)完整dns

root@nginx-dev-5966c9747d-gbdq4:/# curl nginx.ygq.svc.cluster.local:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2)简写dns

root@nginx-dev-5966c9747d-gbdq4:/# curl nginx.ygq.svc:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2.4 结论 

不同namespace下pod直接可通过pod ip及dns互相访问,但不能通过svc name进行访问

3 pod name实战

3.1 同一namespace下

3.1.1 deployment

$ kubectl get pod -n ygq  -o wide 
NAME                          READY   STATUS    RESTARTS     AGE    IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-547cc75cb7-j46zl        1/1     Running   0            3d     172.20.176.24   cn-shanghai.10.12.46.85   <none>           <none>
nginx-test-6c5f4dfc79-2ldhg   1/1     Running   1 (3d ago)   3d2h   172.20.176.17   cn-shanghai.10.12.46.85   <none>           <none>
$ kubectl create -f deployment-nginx.yaml 
Error from server (AlreadyExists): error when creating "deployment-nginx.yaml": deployments.apps "nginx" already exists

3.1.2 Service

$ kubectl get svc -n ygq  -o wide 
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE    SELECTOR
nginx        ClusterIP   192.168.245.168   <none>        80/TCP    3d1h   app=nginx
nginx-test   ClusterIP   192.168.97.154    <none>        80/TCP    3d1h   app=nginx-test
$ kubectl create -f nginx-svc.yaml
Error from server (AlreadyExists): error when creating "nginx-svc.yaml": services "nginx" already exists

3.2 不同namespace 

3.2.1 deployment

$ kubectl get pod -n dev -o wide 
NAME                         READY   STATUS    RESTARTS       AGE    IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-cfcb57f6d-vr79r        1/1     Running   0              10s    172.20.176.28   cn-shanghai.10.12.46.85   <none>           <none>
nginx-dev-5966c9747d-gbdq4   1/1     Running   1 (3d1h ago)   3d1h   172.20.176.9    cn-shanghai.10.12.46.85   <none>           <none>
$ kubectl get pod -n ygq  -o wide 
NAME                          READY   STATUS    RESTARTS     AGE    IP              NODE                      NOMINATED NODE   READINESS GATES
nginx-547cc75cb7-j46zl        1/1     Running   0            3d     172.20.176.24   cn-shanghai.10.12.46.85   <none>           <none>
nginx-test-6c5f4dfc79-2ldhg   1/1     Running   1 (3d ago)   3d2h   172.20.176.17   cn-shanghai.10.12.46.85   <none>           <none>

3.2.2 Service 

$ kubectl get svc -n dev -o wide 
NAME        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE    SELECTOR
nginx       ClusterIP   192.168.87.200   <none>        80/TCP    7s     app=nginx
nginx-dev   ClusterIP   192.168.28.113   <none>        80/TCP    3d1h   app=nginx-dev
$ kubectl get svc -n ygq  -o wide 
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE    SELECTOR
nginx        ClusterIP   192.168.245.168   <none>        80/TCP    3d1h   app=nginx
nginx-test   ClusterIP   192.168.97.154    <none>        80/TCP    3d1h   app=nginx-test

3.3 结论

不同namescpace下可以存在相同名称的资源,同一namespace下不允许有相同名称的资源。

4 总结

  • 同一namespace下的应用可以通过svc name、pod ip和dns互相访问,不同namespace下可以通过pod ip和dns互相访问。
  • 同一namespace下不允许有相同名称的资源,不同namescpace下可以存在名字一样的资源。

 

 

 

 

11-19 18:41
Powered by LMLPHP ©2024 alden_ygq 0.004629