Kubernetes Service:服务发现与负载均衡
Kubernetes Service:服务发现与负载均衡
Service概述
Service是Kubernetes中为一组Pod提供稳定访问入口的抽象。它通过标签选择器(Selector)关联Pod,并提供负载均衡能力。
Service类型
ClusterIP(默认)
集群内部访问的虚拟IP:
# clusterip-service.yaml
apiVersion: v1
kind: Service
metadata:
name: backend-service
spec:
type: ClusterIP
selector:
app: backend
ports:
- port: 80
targetPort: 8080
protocol: TCP
NodePort
在每个节点上开放固定端口:
# nodeport-service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-service
spec:
type: NodePort
selector:
app: web
ports:
- port: 80
targetPort: 80
nodePort: 30080
LoadBalancer
使用云平台负载均衡器:
# loadbalancer-service.yaml
apiVersion: v1
kind: Service
metadata:
name: api-service
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: nlb
spec:
type: LoadBalancer
selector:
app: api
ports:
- port: 443
targetPort: 8443
ExternalName
映射到外部域名:
# externalname-service.yaml
apiVersion: v1
kind: Service
metadata:
name: external-db
spec:
type: ExternalName
externalName: db.example.com
Headless Service
不分配ClusterIP,直接返回Pod IP:
# headless-service.yaml
apiVersion: v1
kind: Service
metadata:
name: stateful-service
spec:
clusterIP: None
selector:
app: stateful
ports:
- port: 80
targetPort: 8080
# 查看Headless Service的Pod IP
kubectl get endpoints stateful-service
多端口Service
# multi-port-service.yaml
apiVersion: v1
kind: Service
metadata:
name: multi-port-service
spec:
selector:
app: myapp
ports:
- name: http
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 8443
- name: metrics
port: 9090
targetPort: 9090
服务发现
环境变量
# Pod内会自动注入环境变量
# BACKEND_SERVICE_SERVICE_HOST=10.96.0.100
# BACKEND_SERVICE_SERVICE_PORT=80
DNS解析
# 集群内DNS解析
# 格式: <service-name>.<namespace>.svc.cluster.local
# 同一命名空间内
curl http://backend-service
# 跨命名空间
curl http://backend-service.production.svc.cluster.local
# Headless Service返回所有Pod IP
nslookup stateful-service.default.svc.cluster.local
Endpoints
Endpoints是Service关联的Pod IP列表:
# 查看Endpoints
kubectl get endpoints backend-service
# 手动创建Endpoints
kubectl create -f - <<EOF
apiVersion: v1
kind: Endpoints
metadata:
name: external-service
subsets:
- addresses:
- ip: 192.168.1.100
- ip: 192.168.1.101
ports:
- port: 80
protocol: TCP
EOF
实践:完整服务架构
# 完整的三层应用架构
---
# 前端Service
apiVersion: v1
kind: Service
metadata:
name: frontend-service
spec:
type: LoadBalancer
selector:
app: frontend
ports:
- port: 80
targetPort: 80
---
# 前端Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
spec:
replicas: 3
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
---
# 后端Service
apiVersion: v1
kind: Service
metadata:
name: backend-service
spec:
selector:
app: backend
ports:
- port: 8080
targetPort: 8080
---
# 后端Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
replicas: 3
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
containers:
- name: api
image: myapi:1.0
ports:
- containerPort: 8080
env:
- name: DB_HOST
value: "mysql-service"
---
# 数据库Service(Headless)
apiVersion: v1
kind: Service
metadata:
name: mysql-service
spec:
clusterIP: None
selector:
app: mysql
ports:
- port: 3306
targetPort: 3306
Service故障排查
# 查看Service详情
kubectl describe svc backend-service
# 查看Endpoints
kubectl get endpoints backend-service
# 测试Service连通性
kubectl run curl-test --rm -it --image=curlimages/curl -- \
curl http://backend-service:8080/health
# 检查DNS解析
kubectl run dns-test --rm -it --image=busybox -- \
nslookup backend-service
# 查看kube-proxy日志
kubectl logs -n kube-system -l k8s-app=kube-proxy
总结
Service是Kubernetes实现服务发现和负载均衡的核心机制。理解不同类型的Service及其适用场景,是构建可靠微服务架构的关键。