Network connection between k8s pods

k8s cluster: Linode k8s cluster, one master and two slaves.

The tests use busybox with wget to fetch the nginx index page as an example.

Connect kubectl to the k8s cluster

Import the configuration file into the local kubectl

export KUBECONFIG=/path/to/your/kubeconfig.yaml

Test 1. Access between pods in the same namespace

Create busybox in the default namespace

kubectl run -it --image busybox:1.28.4 dns-test -- /bin/sh

# Enter next time

kubectl exec -it dns-test -- /bin/sh

# View pod

kubectl get pod

Create nginx-deploy and edit nginx-deploy.yaml

apiVersion: apps/v1 # deployment api version

kind: Deployment #The resource type is deployment

metadata: # Meta information

  labels: # label

    app: nginx-deploy # Specific key: value configuration form

  name: nginx-deploy # deployment name

  namespace: default # The namespace where it is located

spec:

  replicas: 1 # Expected number of replicas

  revisionHistoryLimit: 10 # The number of historical versions retained after rolling updates

  selector: # Selector, used to find matching RS

    matchLabels: # Match according to labels

      app: nginx-deploy # Matching tag key/value

  strategy: # Update strategy

    rollingUpdate: # Rolling update configuration

      maxSurge: 25% # During a rolling update, the maximum number/percentage of pods that may exceed the expected number of replicas

      maxUnavailable: 25% # During a rolling update, the maximum number/percentage of replicas that may be unavailable

    type: RollingUpdate #Update type, using rolling update

  template: # pod template

    metadata: # pod meta information

      labels: # pod labels

        app: nginx-deploy

    spec: # pod expected information

      containers: # container of pod

      - image: nginx:1.9.1 # Image

        imagePullPolicy: IfNotPresent # Pull policy

        name: nginx # Container name

      restartPolicy: Always # Restart policy

      terminationGracePeriodSeconds: 30 # Maximum grace time for deletion operation

#Create deploy

kubectl create -f nginx-deploy.yaml

# View pod details

kubectl get pod -o wide

# Enter busybox

kubectl exec -it dns-test -- /bin/sh

Since there is no curl command, for convenience, use wget to directly access nginx.

At this point, the index.html file can be downloaded directly through the pod IP, but a pod's life cycle is very short, and a hard-coded IP is very troublesome to change later.

Create service

apiVersion: v1

kind: Service

metadata:

  name: nginx-svc

  labels:

    app: nginx-svc

spec:

  ports:

  - name: http # Service port configuration name

    protocol: TCP # Port binding protocol, supports TCP, UDP, SCTP, default is TCP

    port: 80 # service own port

    targetPort: 80 # The port of the target pod

  - name: https

    port: 443

    protocol: TCP

    targetPort: 443

  selector: # Selects the pods this service matches, i.e. the pods whose east-west traffic it proxies

    app: nginx-deploy

In the above deploy configuration file, you can see that the label of the pod template in the deploy is app=nginx-deploy. At this time, configuring selector app=nginx-deploy in the service configuration file can match the pod under this deploy.

Create a service, view svc (abbreviation for service), and view ep (abbreviation for endpoint).

At this time, you can directly use the svc name in busybox to access the pod service.

Test 2. Access between pods in different namespaces

The above covers access between pods in the same NS. To access pods in a different NS, just append the NS to the service name.

To create a deploy in the nginx NS, just change the namespace to nginx. For comparison, a -ng suffix is added to some of the names. Before creating a deploy or pod in another namespace, the NS must be created in advance.

#Create an NS named nginx

kubectl create ns nginx

Deploy configuration file under the nginx namespace

apiVersion: apps/v1 # deployment api version

kind: Deployment #The resource type is deployment

metadata: # Meta information

  labels: # label

    app: nginx-deploy-ns # Specific key: value configuration form

  name: nginx-deploy-ns # deployment name

  namespace: nginx # The namespace where it is located

spec:

  replicas: 1 # Expected number of replicas

  revisionHistoryLimit: 10 # The number of historical versions retained after rolling updates

  selector: # Selector, used to find matching RS

    matchLabels: # Match according to labels

      app: nginx-deploy-ng # Matching tag key/value

  strategy: # Update strategy

    rollingUpdate: # Rolling update configuration

      maxSurge: 25% # During a rolling update, the maximum number/percentage of pods that may exceed the expected number of replicas

      maxUnavailable: 25% # During a rolling update, the maximum number/percentage of replicas that may be unavailable

    type: RollingUpdate #Update type, using rolling update

  template: # pod template

    metadata: # pod meta information

      labels: # pod labels

        app: nginx-deploy-ng

    spec: # pod expected information

      containers: # container of pod

      - image: nginx:1.9.1 # Image

        imagePullPolicy: IfNotPresent # Pull policy

        name: nginx # Container name

      restartPolicy: Always # Restart policy

      terminationGracePeriodSeconds: 30 # Maximum grace time for deletion operation

At this time, kubectl get pod does not see the newly created pod, because kubectl uses the default namespace by default.

Just add -n NS after the command.

Create an svc within the nginx namespace.

apiVersion: v1

kind: Service

metadata:

  name: nginx-svc

  namespace: nginx

  labels:

    app: nginx-svc

spec:

  ports:

  - name: http # Service port configuration name

    protocol: TCP # Port binding protocol, supports TCP, UDP, SCTP, default is TCP

    port: 80 # service own port

    targetPort: 80 # The port of the target pod

  - name: https

    port: 443

    protocol: TCP

    targetPort: 443

  selector: # Selects the pods this service matches, i.e. the pods whose east-west traffic it proxies

    app: nginx-deploy-ng # Must match the pod template label in the deploy above

Later, I used wget in busybox to request the index page of nginx. I found that using the svc name directly did not work. Adding ".nginx" after the name lets the request go through normally. At this point, east-west traffic within the same namespace and across different namespaces under the same node is open.
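
Why the bare svc name fails from another namespace while "nginx-svc.nginx" works, as an added example (not code from the original page): it models the search-domain expansion a pod's resolver applies to a service name. The cluster domain cluster.local, the ndots value 5 and the sample service sets are assumptions and constructed data; the function names are hypothetical.

```python
# Added example: models the resolv.conf search-path expansion a pod's resolver
# applies to Service names. Cluster domain and sample Services are assumptions.
CLUSTER_DOMAIN = "cluster.local"  # assumption: default cluster domain
NDOTS = 5                         # assumption: ndots value for ClusterFirst pods


def search_list(pod_namespace):
    """Search domains written into the pod's /etc/resolv.conf."""
    return [
        f"{pod_namespace}.svc.{CLUSTER_DOMAIN}",
        f"svc.{CLUSTER_DOMAIN}",
        CLUSTER_DOMAIN,
    ]


def candidates(name, pod_namespace):
    """FQDNs the resolver tries, in order, for `name`."""
    if name.endswith("."):  # already fully qualified, no expansion
        return [name.rstrip(".")]
    expanded = [f"{name}.{d}" for d in search_list(pod_namespace)]
    # Fewer dots than ndots: search domains first, literal name last.
    if name.count(".") < NDOTS:
        return expanded + [name]
    return [name] + expanded


def resolve(name, pod_namespace, services):
    """Return the first candidate that names an existing Service, else None.

    `services` is a set of (service, namespace) pairs standing in for the
    cluster DNS records <service>.<namespace>.svc.<cluster domain>.
    """
    records = {f"{s}.{ns}.svc.{CLUSTER_DOMAIN}" for s, ns in services}
    for fqdn in candidates(name, pod_namespace):
        if fqdn in records:
            return fqdn
    return None


if __name__ == "__main__":
    # Constructed state: only the Service in the nginx namespace exists.
    svcs = {("nginx-svc", "nginx")}
    for query in ("nginx-svc", "nginx-svc.nginx"):
        print(query, "->", resolve(query, "default", svcs))
```

If a service named nginx-svc also exists in the caller's own namespace, the bare name resolves to that one, never to the service in the nginx namespace.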