What is Service in kubernetes

2025-04-04 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

This article explains what a Service is in Kubernetes: the concept, how it works, how Services are discovered, and how they are reached from outside the cluster.

One: Service concept

Every Service in Kubernetes is in effect one microservice in a microservice architecture. Services exist for two reasons. First, the IP address of a Pod is not fixed, so a proxy is needed so that applications using the Pod do not have to know its real IP address. Second, when an RC creates multiple Pod replicas, a proxy is needed to load-balance across them.

A Service mainly consists of an IP address and a label selector.

A Service defines an access entry address for a service; front-end applications use this address to reach the group of Pod replicas behind it. The Service and its back-end Pod replicas are connected directly through the label selector. The role of the RC is to ensure that the service capability and quality of the Service always stay at the expected level.
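The selector matching described above can be modelled in a few lines. This is an added example, not code from the original article or from Kubernetes itself; the Service, Pods, labels and IP addresses are constructed sample data, and the `ready` flag is a simplified stand-in for Pod readiness.

```python
# Added example: how a Service's label selector determines its backend Pods.
# Every name, label and IP address here is constructed sample data.

def selects(selector, labels):
    """Equality-based match: every selector pair must appear in the Pod's labels.
    An empty selector selects nothing automatically."""
    return bool(selector) and all(labels.get(k) == v for k, v in selector.items())

def backends(service, pods):
    """Return the IPs of ready Pods in the Service's namespace that match its selector."""
    return sorted(
        p["ip"] for p in pods
        if p["namespace"] == service["namespace"]
        and p["ready"]
        and selects(service["selector"], p["labels"])
    )

SERVICE = {"name": "web", "namespace": "shop",
           "selector": {"app": "web", "tier": "frontend"}}

PODS = [
    {"name": "web-1", "namespace": "shop", "ready": True, "ip": "10.244.1.5",
     "labels": {"app": "web", "tier": "frontend"}},
    {"name": "web-2", "namespace": "shop", "ready": False, "ip": "10.244.2.7",
     "labels": {"app": "web", "tier": "frontend"}},        # not ready: excluded
    {"name": "debug", "namespace": "shop", "ready": True, "ip": "10.244.1.9",
     "labels": {"app": "web", "tier": "frontend", "owner": "alice"}},  # extra labels still match
    {"name": "web-x", "namespace": "test", "ready": True, "ip": "10.244.3.2",
     "labels": {"app": "web", "tier": "frontend"}},        # other namespace: excluded
    {"name": "db-1", "namespace": "shop", "ready": True, "ip": "10.244.1.6",
     "labels": {"app": "db"}},                             # labels do not match
]

if __name__ == "__main__":
    print(backends(SERVICE, PODS))
```

The `debug` Pod receives Service traffic only because its labels happen to include the selector's pairs, which is why the ability to set labels on Pods in a namespace deserves the same scrutiny as the ability to edit the Service.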

Two: How Service works

A kube-proxy runs on each node of the Kubernetes cluster; it is the main component responsible for implementing Services.

For each Service (whether or not its Pods run on that node), kube-proxy listens on a port on the host that corresponds to the Service, and it sets up iptables rules on the host. A request to the Service is redirected by iptables to that corresponding random port and then proxied by kube-proxy to one of the back-end Pods. kube-proxy maintains the mapping from ports to Services, as well as the list of Pods that each Service proxies.

kube-proxy also watches in real time for Service and Endpoints objects being added to and deleted from etcd on the Master node, so that changes to the IPs and ports of the proxied back-end Pods are reflected promptly in the routing information it maintains.

Three: Service discovery mechanism

Once a Service is created, its information can be injected into Pods for them to use.

Environment variable mode: when kubelet creates a Pod, it automatically adds the environment variables of all available Services to the Pod, and where needed these environment variables are injected into the containers in the Pod.

DNS mode: the DNS server uses the Kubernetes watch API to continuously monitor for newly created Services and creates a DNS record for each one. If DNS is available throughout the cluster, all Pods can automatically resolve the domain name of a Service.
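Both discovery modes, seen from inside a container, in an added example that is not part of the original article. It relies on the documented `<NAME>_SERVICE_HOST` / `<NAME>_SERVICE_PORT` variable naming and the `<service>.<namespace>.svc.<cluster domain>` DNS form; the environment contents are constructed, and `cluster.local` is assumed as the cluster domain.

```python
import re

# Added example: reading the Service variables that kubelet injects into a container.
# SAMPLE_ENV is constructed sample data, not output from a real cluster.

_HOST = re.compile(r"^([A-Z0-9_]+)_SERVICE_HOST$")

def env_prefix(service_name):
    """Service name -> variable prefix: upper-cased, dashes turned into underscores."""
    return service_name.upper().replace("-", "_")

def services_from_env(environ):
    """Return {prefix: (host, port)} for every complete, valid HOST/PORT pair."""
    found = {}
    for key, host in environ.items():
        m = _HOST.match(key)
        if not m:
            continue
        port = environ.get(m.group(1) + "_SERVICE_PORT", "")
        if port.isdigit() and 0 < int(port) < 65536:   # skip missing or malformed ports
            found[m.group(1)] = (host, int(port))
    return found

def dns_name(service, namespace, cluster_domain="cluster.local"):
    """Fully qualified Service name; the cluster domain default is an assumption."""
    return f"{service}.{namespace}.svc.{cluster_domain}"

SAMPLE_ENV = {
    "PATH": "/usr/local/bin:/usr/bin",
    "KUBERNETES_SERVICE_HOST": "10.96.0.1",
    "KUBERNETES_SERVICE_PORT": "443",
    "REDIS_PRIMARY_SERVICE_HOST": "10.96.12.8",
    "REDIS_PRIMARY_SERVICE_PORT": "6379",
    "ORPHAN_SERVICE_HOST": "10.96.1.1",               # no matching port: ignored
}

if __name__ == "__main__":
    # Pass os.environ instead of SAMPLE_ENV to inspect a real container.
    for prefix, (host, port) in sorted(services_from_env(SAMPLE_ENV).items()):
        print(prefix, host, port)
    print(dns_name("redis-primary", "shop"))
```

Environment variables are fixed when the Pod is created, so a Service created afterwards is visible through DNS but not through the environment. Every process in the container can read these variables, and setting `enableServiceLinks: false` in the Pod spec stops the per-Service injection.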

Four: Service external access

Node IP: the IP address of a Node. It is the IP address of each node's physical network card, on a real physical network. When a node outside the Kubernetes cluster accesses a node inside the cluster or a TCP/IP service, it must communicate through the Node IP.

Pod IP: the IP address of each Pod, assigned by Docker Engine from the IP address range of the docker0 bridge. It is usually a virtual layer 2 network. Kubernetes requires that Pods located on different Nodes can communicate directly with each other. Containers in one Pod reach containers in another Pod through the virtual layer 2 network on which the Pod IPs reside, while the real TCP/IP traffic flows out through the physical network card that holds the Node IP.

Cluster IP: a virtual IP that applies only to the Service object; Kubernetes manages and assigns these IP addresses. It cannot be pinged. It can only be combined with a Service port to form a specific communication port, and it belongs to the closed space of the Kubernetes cluster. Nodes outside the cluster need to do some extra work if they want to access this communication port.

Using NodePort to solve the external access to services in the cluster is the most direct, effective and commonly used method.

NodePort is implemented by opening a corresponding TCP listening port for the service that needs external access on each Node in the K8s cluster. The external system only needs to use the IP address of any Node + the specific NodePort port number to access the service.

However, NodePort does not solve every problem of external access to a Service, load balancing for example. If there are 10 Nodes in the cluster, it is best to have a load balancer in front of them. External clients then only need to access the IP address of this load balancer, and the load balancer forwards the traffic to the NodePort of one of the Nodes behind it.

The load balancer can be implemented in hardware or in software (HAProxy, Nginx). However, this brings another problem: for each Service, you need to manually configure a corresponding load-forwarding instance.
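Because a NodePort opens the same listening port on every Node, it helps to know exactly which ports a cluster exposes this way before writing firewall or load balancer rules. The following is an added example, not part of the original article: it parses JSON in the shape of `kubectl get services --all-namespaces -o json`, and the embedded service list is constructed sample data.

```python
import json

# Added example. SAMPLE mimics the shape of
# `kubectl get services --all-namespaces -o json`; its contents are constructed.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "shop", "name": "web"},
   "spec": {"type": "NodePort", "selector": {"app": "web"},
            "ports": [{"port": 80, "targetPort": 8080, "nodePort": 30080, "protocol": "TCP"}]}},
  {"metadata": {"namespace": "shop", "name": "db"},
   "spec": {"type": "ClusterIP", "selector": {"app": "db"},
            "ports": [{"port": 5432, "targetPort": 5432, "protocol": "TCP"}]}},
  {"metadata": {"namespace": "shop", "name": "api"},
   "spec": {"type": "LoadBalancer", "selector": {"app": "api"},
            "ports": [{"port": 443, "targetPort": 8443, "nodePort": 31443, "protocol": "TCP"}]}}
]}
""")

def node_exposed(service_list):
    """Return one row per port that a Service opens on every Node, sorted by nodePort."""
    rows = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        for port in spec.get("ports") or []:
            if port.get("nodePort"):            # absent for plain ClusterIP Services
                rows.append({
                    "service": f'{meta.get("namespace")}/{meta.get("name")}',
                    "type": spec.get("type", "ClusterIP"),
                    "nodePort": port["nodePort"],
                    "protocol": port.get("protocol", "TCP"),
                    "forwards_to": port.get("targetPort", port.get("port")),
                })
    return sorted(rows, key=lambda r: r["nodePort"])

def ports_to_filter(service_list):
    """Distinct (protocol, nodePort) pairs that a perimeter rule set has to account for."""
    return sorted({(r["protocol"], r["nodePort"]) for r in node_exposed(service_list)})

if __name__ == "__main__":
    for row in node_exposed(SAMPLE):
        print(row)
    print(ports_to_filter(SAMPLE))
```

Services of type LoadBalancer are included because they are normally allocated node ports as well, so they open ports on every Node in the same way.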
