k8s cluster: linode k8s cluster, one master and two slaves.
The test takes busybox using wget to access nginxindex as an example.
Kubectl connects k8s cluster
Import configuration file information into local kubectl
export KUBECONFIG=/path/to/your/kubeconfig.yaml
Test 1. Access between pods in the same namespace
Create busybox in the default namespace
kubectl run -it –image busybox:1.28.4 dns-test /bin/sh
# Enter next time
kubectl exec -it dns-test /bin/sh
# View pod
kubectl getpod
Create nginx-deploy and edit nginx-deploy.yaml
apiVersion: apps/v1 # deployment api version kind: Deployment #The resource type is deployment metadata: # Meta information labels: # label app: nginx-deploy # Specific key: value configuration form name: nginx-deploy # deployment name namespace: default # The namespace where it is located spec: replicas: 1 # Expected number of replicas revisionHistoryLimit: 10 # The number of historical versions retained after rolling updates selector: # Selector, used to find matching RS matchLabels: # Match according to labels app: nginx-deploy # Matching tag key/value strategy: # Update strategy rollingUpdate: # Rolling update configuration maxSurge: 25% # When performing a rolling update, the number of updates can exceed the number/proportion of the expected number of copies at most. maxUnavailable: 25% # When performing a rolling update, the maximum unavailable update ratio indicates the maximum number of unavailable updates among all replicas. type: RollingUpdate #Update type, using rolling update template: # pod template metadata: # pod meta information labels: # pod labels app: nginx-deploy spec: # pod expected information containers: # container of pod - image: nginx:1.9.1 # Mirror imagePullPolicy: IfNotPresent # Pull policy name: nginx # Container name restartPolicy: Always # Restart policy terminationGracePeriodSeconds: 30 # Maximum grace time for deletion operation
#Create deploy
kubectl create -f nginx-deploy.yaml
# View pod details
Kubectl get pod -o wide
# Enter busybox
kubectl exec -it dns-test /bin/sh
Since there is no curl command, for convenience, use wget to directly access nginx.
At this time, the index.Html file can be directly downloaded through the pod IP, but the pod life cycle is very short, and it will be very troublesome to change it after the IP is programmed.
Create service
apiVersion: v1 Kind: Service metadata: name: nginx-svc labels: app: nginx-svc spec: ports: - name: http # Service port configuration name protocol: TCP # Port binding protocol, supports TCP, UDP, SCTP, default is TCP port: 80 # service own port targetPort: 80 # The port of the target pod - name: https port: 443 protocol:TCP targetPort: 443 selector: # Select which pods the current service matches and proxy the east-west traffic of which pods app: nginx-deploy
In the above deploy configuration file, you can see that the label of the pod template in the deploy is app=nginx-deploy. At this time, configuring selector app=nginx-deploy in the service configuration file can match the pod under this deploy.
Create a service, view svc (abbreviation for service), and view ep (abbreviation for endpoint).
At this time, you can directly use the svc name in busybox to access the pod service.
Test 2. Access between pods in different namespaces
The above is the access between pods in the same NS. To access the pods between different NSs, just add NS after the service name.
To create a deploy with NS as nginx, just modify the namespace to nginx. For comparison, add the -ng flag to some name information. Deploy or pod in other namespaces in front of the window need to create post-NS in advance.
#Create an NS named nginx
kubectl create ns nginx
deploy configuration file under nginx namespace
apiVersion: apps/v1 # deployment api version kind: Deployment #The resource type is deployment metadata: # Meta information labels: # label app: nginx-deploy-ns # Specific key: value configuration form name: nginx-deploy-ns # deployment name namespace: the namespace where nginx# is located spec: replicas: 1 # Expected number of replicas revisionHistoryLimit: 10 # The number of historical versions retained after rolling updates selector: # Selector, used to find matching RS matchLabels: # Match according to labels app: nginx-deploy -ng# matching tag key/value strategy: # Update strategy rollingUpdate: # Rolling update configuration maxSurge: 25% # When performing a rolling update, the number of updates can exceed the number/proportion of the expected number of copies at most. maxUnavailable: 25% # When performing a rolling update, the maximum unavailable update ratio indicates the maximum number of unavailable updates among all replicas. type: RollingUpdate #Update type, using rolling update template: # pod template metadata: # pod meta information labels: # pod labels app: nginx-deploy-ng spec: # pod expected information containers: # container of pod - image: nginx:1.9.1 # Mirror imagePullPolicy: IfNotPresent # Pull policy name: nginx # Container name restartPolicy: Always # Restart policy terminationGracePeriodSeconds: 30 # Maximum grace time for deletion operation
At this time, kubectl get pod does not see the newly created pod, because kubectl uses the default namespace by default.
Just add -n NS after the command.
Create an svc within the nginx namespace.
apiVersion: v1 Kind: Service metadata: name: nginx-svc namespace: nginx labels: app: nginx-svc spec: ports: - name: http # Service port configuration name protocol: TCP # Port binding protocol, supports TCP, UDP, SCTP, default is TCP port: 80 # service own port targetPort: 80 # The port of the target pod - name: https port: 443 protocol:TCP targetPort: 443 selector: # Select which pods the current service matches and proxy the east-west traffic of which pods app: nginx-deploy-ns
Later, I used wget in busybox to request the index page of nginx. I found that using the svc name directly did not work. Adding “.nginx” after the name can request it normally. At this time, the east-west traffic of the same namespace and different namespaces under the same node has been opened.