How can I expose a service to other pods in kubernetes?
I have a simple service
    apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
    kind: Deployment
    metadata:
      name: nginx-deployment
    spec:
      selector:
        matchLabels:
          app: nginx
      replicas: 2 # tells deployment to run 2 pods matching the template
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx:1.7.9
            ports:
            - containerPort: 80
And here is what my cluster looks like. Pretty simple.
    $ kubectl get pods -o wide
    NAME                                READY   STATUS    RESTARTS   AGE   IP           NODE                      NOMINATED NODE   READINESS GATES
    my-shell-95cb5df57-cdj4z            1/1     Running   0          23m   10.60.1.32   aks-nodepool-19248108-0   <none>           <none>
    nginx-deployment-76bf4969df-58d66   1/1     Running   0          36m   10.60.1.10   aks-nodepool-19248108-0   <none>           <none>
    nginx-deployment-76bf4969df-jfkq7   1/1     Running   0          36m   10.60.1.21   aks-nodepool-19248108-0   <none>           <none>

    $ kubectl get services -o wide
    NAME               TYPE           CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE     SELECTOR
    internal-ingress   LoadBalancer   10.0.0.194   10.60.1.35    80:30157/TCP   5m28s   app=nginx-deployment
    kubernetes         ClusterIP      10.0.0.1     <none>        443/TCP        147m    <none>

    $ kubectl get rs -o wide
    NAME                          DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES        SELECTOR
    my-shell-95cb5df57            1         1         1       23m   my-shell     ubuntu        pod-template-hash=95cb5df57,run=my-shell
    nginx-deployment-76bf4969df   2         2         2       37m   nginx        nginx:1.7.9   app=nginx,pod-template-hash=76bf4969df
I see I have 2 pods with my nginx app. I want to be able to send a request from any other new pod to either one of them. If one crashes, I want to still be able to send this request. In the past I used a load balancer for this. The problem with load balancers is that they open up a public IP and in this specific scenario, I don't want a public IP anymore. I want this service to be invoked by other pods directly, without a public IP.
I tried to use an internal load balancer.
    apiVersion: v1
    kind: Service
    metadata:
      name: internal-ingress
      annotations:
        service.beta.kubernetes.io/azure-load-balancer-internal: "true"
        service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "my-subnet"
    spec:
      type: LoadBalancer
      loadBalancerIP: 10.60.1.45
      ports:
      - port: 80
      selector:
        app: nginx-deployment
The problem is that it does not get an IP in my 10.60.0.0/16 network like it is described here: https://docs.microsoft.com/en-us/azure/aks/internal-lb#specify-a-different-subnet
I get this never-ending <pending>.
    $ kubectl get services -o wide
    NAME               TYPE           CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE    SELECTOR
    internal-ingress   LoadBalancer   10.0.0.230   <pending>     80:30638/TCP   15s    app=nginx-deployment
    kubernetes         ClusterIP      10.0.0.1     <none>        443/TCP        136m   <none>
What am I missing? How to troubleshoot? Is it even possible to have pod to service communication?

From the message you provide, it seems you want to use a special private IP address which is in the same subnet that the AKS cluster uses. I think the possible reason is that the special IP address which you want to use is already assigned by the AKS; it means you cannot use it.
Troubleshooting
So you need to navigate to the Vnet which your AKS cluster used and check if the IP address is already in use. Here is the screenshot:
Solution
Choose an IP address that is not assigned by the AKS from the subnet the AKS used. Or do not use a special one; let the AKS assign your load balancer dynamically. Then change your YAML file like below:
    apiVersion: v1
    kind: Service
    metadata:
      name: internal-ingress
      annotations:
        service.beta.kubernetes.io/azure-load-balancer-internal: "true"
    spec:
      type: LoadBalancer
      ports:
      - port: 80
      selector:
        app: nginx-deployment

Use a ClusterIP Service (the default type) which creates only a cluster-internal IP and no public IP:
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-service
    spec:
      selector:
        app: nginx
      ports:
      - port: 80
        targetPort: 80
Then you can access the Service (and thus the Pods behind it) from any other Pod in the same namespace by using the Service name as the DNS name:
    curl nginx-service
If the Pod from which you want to access the Service is in a different namespace, you have to use the fully qualified domain name of the Service:
    curl nginx-service.my-namespace.svc.cluster.local
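
The following is an added example, not part of the question or of either answer: a small Python audit that reports, for each Service, whether its type gives it an address outside the cluster network and which Pods its selector actually picks up. The input is a constructed sample shaped like `kubectl get svc,pods -o json`, using the names, labels and selectors shown on this page; it assumes everything is in one namespace.

```python
import json

# Constructed sample in the shape of `kubectl get svc,pods -o json`, reduced to
# the fields used here. Names, labels and selectors are the ones on this page.
SAMPLE = json.loads("""
{"items": [
 {"kind": "Service", "metadata": {"name": "internal-ingress"},
  "spec": {"type": "LoadBalancer", "selector": {"app": "nginx-deployment"}}},
 {"kind": "Service", "metadata": {"name": "nginx-service"},
  "spec": {"selector": {"app": "nginx"}}},
 {"kind": "Pod", "metadata": {"name": "nginx-deployment-76bf4969df-58d66",
  "labels": {"app": "nginx", "pod-template-hash": "76bf4969df"}}},
 {"kind": "Pod", "metadata": {"name": "nginx-deployment-76bf4969df-jfkq7",
  "labels": {"app": "nginx", "pod-template-hash": "76bf4969df"}}},
 {"kind": "Pod", "metadata": {"name": "my-shell-95cb5df57-cdj4z",
  "labels": {"run": "my-shell", "pod-template-hash": "95cb5df57"}}}
]}
""")

EXTERNAL_TYPES = {"LoadBalancer", "NodePort"}  # reachable from outside the pod network

def selected_pods(selector, pods):
    """A Service selector matches a pod when every key/value pair is in its labels."""
    if not selector:  # no selector: Kubernetes manages no endpoints for it
        return []
    return [p["metadata"]["name"] for p in pods
            if all(p["metadata"].get("labels", {}).get(k) == v
                   for k, v in selector.items())]

def audit(doc):
    """Return {service name: {"type", "pods", "findings"}} for every Service."""
    pods = [i for i in doc["items"] if i["kind"] == "Pod"]
    report = {}
    for svc in (i for i in doc["items"] if i["kind"] == "Service"):
        spec = svc.get("spec", {})
        svc_type = spec.get("type", "ClusterIP")  # ClusterIP is the default type
        backends = selected_pods(spec.get("selector"), pods)
        findings = []
        if svc_type in EXTERNAL_TYPES:
            findings.append("exposed-beyond-cluster")
        if not backends:
            findings.append("selector-matches-no-pods")
        report[svc["metadata"]["name"]] = {
            "type": svc_type, "pods": backends, "findings": findings}
    return report

if __name__ == "__main__":
    for name, result in audit(SAMPLE).items():
        print(name, result["type"], result["pods"], result["findings"] or "ok")
```

On this sample the `internal-ingress` Service is flagged twice: its selector `app: nginx-deployment` matches no Pod, because the Pods carry `app: nginx`, while `nginx-service` selects both nginx Pods and stays cluster-internal.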