简体繁体 English

从 Azure 中的虚拟机连接到群集服务

[英]Connect to cluster service from virtual machine in Azure

原文 2020-03-02 21:52:11 6 2 azure/ kubernetes/ virtual-machine/ azure-aks

I have a VM created in Azure, and I'd like to connect to mariadb service (mariadb.mariadb.svc.cluster.local from cluster nodes)我在 Azure 中创建了一个 VM，我想从集群节点连接到 mariadb 服务（mariadb.mariadb.svc.cluster.local）

It's possible to do that using the host name or a private IP?可以使用主机名或私有 IP 来做到这一点吗？

Thanks!谢谢！

2 个解决方案

It's possible to do that using the host name or a private IP?可以使用主机名或私有 IP 来做到这一点吗？

Absolutely!绝对地！

In Kubernetes, the service is used to communicate with pods.在 Kubernetes 中，该服务用于与 Pod 通信。

The default service type in Kubernetes is ClusterIP Kubernetes 中的默认服务类型是 ClusterIP

ClusterIP is an internal IP address reachable from inside of the Kubernetes cluster only. ClusterIP 是只能从 Kubernetes 集群内部访问的内部IP 地址。 The ClusterIP enables the applications running within the pods to access the service. ClusterIP 使在 pod 中运行的应用程序能够访问该服务。

To expose the pods outside the kubernetes cluster, you will need k8s service of NodePort or LoadBalancer type.要在 kubernetes 集群外公开 pod，您需要NodePort或LoadBalancer类型的 k8s 服务。

NodePort: Exposes the Service on each Node's IP at a static port (the NodePort). NodePort：在静态端口（NodePort）处公开每个节点 IP 上的服务。 A ClusterIP Service, to which the NodePort Service routes, is automatically created. NodePort服务路由到的ClusterIP服务会自动创建。 You'll be able to contact the NodePort Service, from outside the cluster, by requesting <NodeIP>:<NodePort> .您将能够通过请求<NodeIP>:<NodePort>从集群外部联系 NodePort 服务。

Please note that it is needed to have external IP address assigned to one of the nodes in cluster and a Firewall rule that allows ingress traffic to that port.请注意，需要将外部IP 地址分配给集群中的节点之一，以及允许进入该端口的流量的防火墙规则。 As a result kubeproxy on Kubernetes node (the external IP address is attached to) will proxy that port to the pods selected by the service.因此，Kubernetes 节点（附加了外部 IP 地址）上的 kubeproxy 会将该端口代理到服务选择的 pod。

LoadBalancer: Exposes the Service externally using a cloud provider's load balancer. LoadBalancer：使用云提供商的负载均衡器在外部公开服务。 NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.外部负载均衡器路由到的NodePort和ClusterIP服务是自动创建的。

Alternatively, if you need to access HTTP/S (that is not the case here, but still worth mentioning) it is possible to use Ingress或者，如果您需要访问 HTTP/S（这里不是这种情况，但仍然值得一提）可以使用Ingress

There is a very good article on acessing Kubernetes Pods from Outside of cluster .有一篇关于从集群外部访问 Kubernetes Pods的非常好的文章。

Hope that helps.希望有帮助。

if your service is of type clusterIP (which is the default) then you can not access this service outside of Kubernetes.如果您的服务是clusterIP类型（这是默认值），那么您无法在 Kubernetes 之外访问此服务。 You need to change the type of service to NodePort or clusterIP I am not sure kube-proxy can help here or not.您需要将服务类型更改为NodePort或clusterIP我不确定kube-proxy可以提供帮助。 this blog well describes all of this 这个博客很好地描述了这一切

considering you have access to k8s outside, definitely you can access pods outside k8s with help of考虑到你可以在外面访问 k8s，你肯定可以在 k8s 的帮助下访问 pods

kubectl exec get the shell of the running container in k8s kubectl exec获取kubectl exec中正在运行的容器的shell
kubectl port-forward maps container port with your local port. kubectl port-forward将容器端口映射到您的本地端口。