Kubernetes(k8s)的流量负载组件Service的NodePort、LoadBalancer、ExternalName类型讲解与使用

1. NodePort

1.1 概述

ClusterIP创建的Service的IP地址只能在集群内部访问。而NodePort类型的Service，可以将Service的端口映射到Node的一个端口上，就可以在集群外部通过http://集群任意节点:NodePort来访问Service了

1.2 环境准备

首先利用Deployment创建出3个Pod，为Pod设置app=nginx-pod的标签

新建pod-controller.yaml，内容如下。然后运行deployment

[root@k8s-master ~]# cat pod-controller.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pod-controller
  namespace: dev
  labels:
    controller: deploy
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx-pod
  template:
    metadata:
      labels:
        app: nginx-pod
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          ports:
            - name: nginx-port
              containerPort: 80
              protocol: TCP
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl apply -f pod-controller.yaml 
deployment.apps/pod-controller created
[root@k8s-master ~]# 

查看3个pod的信息

[root@k8s-master ~]# kubectl get pod -n dev -o wide
NAME                              READY   STATUS    RESTARTS   AGE     IP               NODE        NOMINATED NODE   READINESS GATES
pod-controller-5b899bbdb4-267mq   1/1     Running   0          2m15s   10.244.36.124    k8s-node1   <none>           <none>
pod-controller-5b899bbdb4-ffkgj   1/1     Running   0          2m15s   10.244.169.154   k8s-node2   <none>           <none>
pod-controller-5b899bbdb4-hf75p   1/1     Running   0          2m15s   10.244.169.152   k8s-node2   <none>           <none>
[root@k8s-master ~]# 

然后将每个nginx的首页内容，修改成各自的pod IP地址。这里以10.244.36.124上的nginx为例，其它两个操作类似

[root@k8s-master ~]# kubectl exec -it pod-controller-5b899bbdb4-267mq -c nginx -n dev -- /bin/bash
root@pod-controller-5b899bbdb4-267mq:/# 
root@pod-controller-5b899bbdb4-267mq:/# echo "10.244.36.124" > /usr/share/nginx/html/index.html
root@pod-controller-5b899bbdb4-267mq:/# 
root@pod-controller-5b899bbdb4-267mq:/# exit
exit
[root@k8s-master ~]# 
[root@k8s-master ~]# curl 10.244.36.124:80
10.244.36.124
[root@k8s-master ~]# 

1.3 创建Service

新建service-nodeport.yaml，内容如下。然后运行Service

[root@k8s-master ~]# cat service-nodeport.yaml 
apiVersion: v1
kind: Service
metadata:
  name: service-nodeport
  namespace: dev
spec:
  selector:
    app: nginx-pod
  type: NodePort
  clusterIP: 10.96.68.68
  sessionAffinity: ClientIP
  ports:
    - protocol: TCP
      port: 80 
      targetPort: 80
      nodePort: 30080
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl apply -f service-nodeport.yaml 
service/service-nodeport created
[root@k8s-master ~]# 

1.4 查看Service然后访问页面

[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl get svc service-nodeport -n dev -o wide
NAME               TYPE       CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE     SELECTOR
service-nodeport   NodePort   10.96.68.68   <none>        80:30080/TCP   2m38s   app=nginx-pod
[root@k8s-master ~]# 
[root@k8s-master ~]# curl 192.168.23.160:30080
10.244.36.124
[root@k8s-master ~]# 
[root@k8s-master ~]# curl 192.168.23.161:30080
10.244.36.124
[root@k8s-master ~]# 
[root@k8s-master ~]# curl 192.168.23.162:30080
10.244.36.124
[root@k8s-master ~]# 

2. LoadBalancer

LoadBalancer和NodePort很相似，目的都是向外部暴露一个端口，区别在于LoadBalancer会在集群的外部再来做一个负载均衡设备，而这个设备需要外部环境的支持，外部服务发送到这个设备上的请求，会被设备负载之后转发到集群中

3. ExternalName

ExternalName类型的Service用于引入集群外部的服务，它通过externalName属性指定一个服务的地址，然后在集群内部访问此Service就可以访问到外部的服务了

3.1 创建Service

新建service-externalname.yaml，内容如下。然后运行Service

[root@k8s-master ~]# cat service-externalname.yaml 
apiVersion: v1
kind: Service
metadata:
  name: service-externalname
  namespace: dev
spec:
  type: ExternalName
  externalName: www.baidu.com
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl apply -f service-externalname.yaml 
service/service-externalname created
[root@k8s-master ~]# 

3.2 域名解析

[root@k8s-master ~]# dig @10.96.0.10 service-externalname.dev.svc.cluster.local

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>> @10.96.0.10 service-externalname.dev.svc.cluster.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3244
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;service-externalname.dev.svc.cluster.local. IN A

;; ANSWER SECTION:
service-externalname.dev.svc.cluster.local. 30 IN CNAME	www.baidu.com.
www.baidu.com.		30	IN	CNAME	www.a.shifen.com.
www.a.shifen.com.	30	IN	A	14.215.177.38
www.a.shifen.com.	30	IN	A	14.215.177.39

;; Query time: 41 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: 六 5月 21 16:15:22 CST 2022
;; MSG SIZE  rcvd: 247

[root@k8s-master ~]#