stackoom
  简体   繁体   中英

Kubernetes : why are my requests redirected to different pods although I set sessionAffinity to ClientIP?

 原文  2021-01-22 09:42:41       kubernetes/ kubernetes-service/ session-affinity

Question

In my headless service, I configure sessionAffinity so that connections from a particular client are passed to the same Pod each time as described here

Here is the manifest:

apiVersion: v1
kind: Service
metadata:
  name: service1
spec:
  clusterIP: None
  selector:
    app: nginx
  sessionAffinity: ClientIP
  sessionAffinityConfig:
    clientIP:
      timeoutSeconds: 30

I run some nginx pods to test:

$ kubectl create deployment nginx --image=stenote/nginx-hostname

The problem is that when I curl my service, I am redirected to different pods and sessionAffinity seems to be ignored.

$ kubectl run --generator=run-pod/v1 --rm utils -it --image arunvelsriram/utils bash
root@utils:/# for i in $(seq 1 10) ; do curl service1; done
nginx-78d58889-b7fm2
nginx-78d58889-b7fm2
nginx-78d58889-b7fm2
nginx-78d58889-b7fm2
nginx-78d58889-b7fm2
nginx-78d58889-8rpxd
nginx-78d58889-b7fm2
nginx-78d58889-62jlw
nginx-78d58889-8rpxd
nginx-78d58889-62jlw

NB. When I check with

$ kubectl describe  svc service1
Name:              service1
Namespace:         abdelghani
Labels:            <none>
Annotations:       <none>
Selector:          app=nginx
Type:              ClusterIP
IP Families:       <none>
IP:                None
IPs:               <none>
Session Affinity:  ClientIP
Events:            <none>

SessionAffinity configuration is present.

Note that my service is headless ie clusterIP: None . SessionAffinity seems to work fine with non-headless services. But, I cant find a clear explanation in the documentation. Is this related to the platform not doing any proxying?

Abdelghani

1 answers

solution1
 2 ACCPTED  2021-01-22 12:44:17

When using headless service (clusterIP: None) you don't use proxy.

From k8s docs :

For headless Services, a cluster IP is not allocated, kube-proxy does not handle these Services, and there is no load balancing or proxying done by the platform for them. How DNS is automatically configured depends on whether the Service has selectors defined

So when using headless service, dns responds with randomized list of ips of all pods associated with given service.

/app # dig service1 +search +short
172.17.0.8
172.17.0.10
172.17.0.9
/app # dig service1 +search +short
172.17.0.9
172.17.0.10
172.17.0.8
/app # dig service1 +search +short
172.17.0.8
172.17.0.10
172.17.0.9
/app # dig service1 +search +short
172.17.0.10
172.17.0.9
172.17.0.8
/app # dig service1 +search +short
172.17.0.9
172.17.0.8
172.17.0.10

and curl just gets one and goes with it.

Since this hapens every request, every time you get different ip from dns, you connect to different pod.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Is there a way to provide custom value other than ClientIP for sessionAffinity in kubernetes? Why are my Kubernetes pods sharing environment variables? In kubernetes can ```service.spec.sessionAffinityConfig.clientIP.timeoutSeconds``` be set to infinity? How can I define threshold in receiving requests by the pods(In Kubernetes environment) Why does my kubernetes service endpoint IP change every time I update the pods? Kubernetes different container args depending on number of pods in replica set OpenShift service with sessionAffinity forwards traffic to two pods why my kubernetes service doesn't target pods How can I monitor my pods running on Kubernetes? How can I deploy a kubernetes replica pods with different spring profiles
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM