1, Service discovery
1. Concept
In short, service discovery is the process of mutual positioning between services (Applications).
Service discovery is not unique in the era of cloud computing. It will also be used in the era of traditional single architecture. Service discovery is more needed in the following application scenarios
Services (Applications) are highly dynamic
Service (application) updates and releases frequently
The service (application) supports automatic scaling
In k8s cluster, the IP of POD is constantly changing. How to "respond to changes with invariance"
The service resource is abstracted and associated with a group of pods through the tag selector
The cluster network is abstracted, and the service access point is fixed through the relatively fixed "cluster IP"
So how to automatically associate the "name" and "cluster network IP" of Service resources to achieve the purpose that services are automatically discovered by the cluster?
Consider the traditional DNS model: hdss7-21 host. com->10.4.7.21
Can we build such a model in k8s: nginx DS - > 192.168.0.5
2. k8s service discovery method - DNS
3. Plug in (software) to realize DNS function in k8s
kube-dns-kubernetes-v1.2 to kubernetes-v1 ten
Coredns-kubernetes-v1.11 to date
Note: DNS in k8s is not omnipotent! It should only be responsible for automatically maintaining the relationship between "service name" - > "cluster network IP"
2, Core components deployed k8s (CoreDNS)
1. Write configuration file
vim /etc/nginx/conf.d/k8s-yaml.od.com.conf
server {
listen 80;
server_name k8s-yaml.od.com;
location / {
autoindex on;
default_type text/plain;
root /data/k8s-yaml;
}
}
mkdir /data/k8s-yaml/coredns -p2. Create yaml file
vim /data/k8s-yaml/coredns/rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: Reconcile
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: EnsureExists
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
log
health
kubernetes cluster.local 182.168.0.0/16 #Receive this information according to kubelet's configuration file
forward . 192.168.112.60
cache 30
loop
reload
loadbalance
}
vim /data/k8s-yaml/coredns/cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
log
health
kubernetes cluster.local 192.168.0.0/16 #Receive this information according to kubelet's configuration file
forward . 192.168.112.60
cache 30
}
vim /data/k8s-yaml/coredns/dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/name: "CoreDNS"
spec:
replicas: 1
selector:
matchLabels:
k8s-app: coredns
template:
metadata:
labels:
k8s-app: coredns
spec:
priorityClassName: system-cluster-critical
serviceAccountName: coredns
containers:
- name: coredns
image: harbor.od.com/public/coredns:v1.6.1
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 9153
name: metrics
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
vim /data/k8s-yaml/coredns/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: coredns
clusterIP: 192.168.0.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
- name: metrics
port: 9153
protocol: TCP3. Modify dns
[root@slave1 ~]# vim /var/named/od.com.zone k8s-yaml A 192.168.112.24 systemctl restart named dig -t A k8s-yaml.od.com @192.168.112.20 +short
4. Download the image from docker
docker pull docker.io/coredns/coredns:1.6.1 docker tag c0f6e815079e harbor.od.com/public/coredns:v1.6.1 docker push harbor.od.com/public/coredns:v1.6.1
5. Use statement
kubectl apply -f http://k8s-yaml.od.com/coredns/rbac.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/cm.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/dp.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/svc.yaml
Huawei Yunkai annual benefits:
Benefit 1: free trial of overseas virtual machine and cloud native container
Enter the free trial zone [real name to receive]:
Benefit 2: ultra low discount
The original price is 1244.76 yuan. Now, the 1C2G1M bandwidth server for a year only needs 99 yuan. The host security is given away
Welfare III:
The ultimate award, Huawei cloud permanent VIP (real name registration No. 59, 119, 189... And so on)
You can enjoy a permanent 20% discount on the purchase of Huawei cloud permanent rights (except for cloud dedicated lines, hardware products, hybrid trust products, domain names, bidding examples, stored value cards, cloud market products, international cloud alliance nodes, HCS Online solutions and specific products above).
Participation Strategy:
1. Press and hold the QR code below to register Web page connection
2. Real name authentication
Next, you can wait for the lottery. This activity lasts until the end of the month. We will open the lottery every five working days. Please pay attention to it.