K8S---service---metalLB

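How users reach a k8s cluster through a LoadBalancer-type service:
Access from outside the cluster: user --> domain name --> LB provided by the cloud provider --> NodeIP:Port (service IP) --> Pod IP:port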

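  • K8s does not provide a LoadBalancer-type service for bare-metal (physical) clusters
  • The LoadBalancer implementations that ship with k8s all call out to IaaS platforms (GCP, AWS, Azure, etc.)
Reference: https://help.aliyun.com/document_detail/181517.html?spm=5176.13910061.sslink.36.4e9651a23FifhV
  • MetalLB solves this problem, so that a bare-metal k8s cluster can also use LoadBalancer-type services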

MetalLB solution
Reference: https://metallb.universe.tf/installation/
1. First make sure the ipvs scheduling mode is in use rather than iptables. (This condition is already met.)
2. Download the YAML files
[root@master1 ~]# mkdir metallb
[root@master1 ~]# cd metallb/
[root@master1 metallb]# wget https://raw.githubusercontent.com/metallb/metallb/v0.9.4/manifests/namespace.yaml
[root@master1 metallb]# wget https://raw.githubusercontent.com/metallb/metallb/v0.9.4/manifests/metallb.yaml

3. Apply the YAML to create the namespace
[root@master1 metallb]# kubectl apply -f namespace.yaml
namespace/metallb-system created

[root@master1 metallb]# kubectl get ns |grep metallb-system
metallb-system   Active   16s

4. Create the secret
[root@master1 metalb]# kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"

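Notes:
  • A Secret is a Kubernetes object for storing sensitive data
  • It must be created here, before the next step; otherwise the pods cannot start and fail with Error: secret "memberlist" not found
4. Create the pods and related resources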
[root@master1 metallb]# kubectl apply -f metallb.yaml
podsecuritypolicy.policy/controller created
podsecuritypolicy.policy/speaker created
serviceaccount/controller created
serviceaccount/speaker created
clusterrole.rbac.authorization.k8s.io/metallb-system:controller created
clusterrole.rbac.authorization.k8s.io/metallb-system:speaker created
role.rbac.authorization.k8s.io/config-watcher created
role.rbac.authorization.k8s.io/pod-lister created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:speaker created
rolebinding.rbac.authorization.k8s.io/config-watcher created
rolebinding.rbac.authorization.k8s.io/pod-lister created
daemonset.apps/speaker created
deployment.apps/controller created

[root@master1 metallb]# kubectl get pods -n metallb-system
NAME                          READY   STATUS    RESTARTS   AGE
controller-5854d49f77-kjzgv   1/1     Running   0          49s
speaker-fhdg9                 1/1     Running   0          49s
speaker-jxx9n                 1/1     Running   0          50s
speaker-pttlq                 1/1     Running   0          49s
speaker-wh4sh                 1/1     Running   0          48s

5. Write the YAML and create the ConfigMap (a way of storing plaintext files)
[root@master1 metallb]# vim metallb-configmap.yml
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: my-ip-space
      protocol: layer2
      addresses:
      - 192.168.122.100-192.168.122.200

[root@master1 metallb]# kubectl apply -f metallb-configmap.yml
configmap/config created

6. Write an application YAML that uses a LoadBalancer-type service, and create it
[root@master1 metalb]# vim deploy-metallb.yml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: metallb-system
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.15-alpine
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: svc1
  namespace: metallb-system
spec:
  type: LoadBalancer   # the type is LoadBalancer
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: nginx

[root@master1 metallb]# kubectl apply -f deploy-metallb.yml
deployment.apps/deploy-nginx created
service/svc1 created

7. Verify the created service, pods and IP
[root@master1 metallb]# kubectl get svc -n metallb-system
NAME   TYPE           CLUSTER-IP   EXTERNAL-IP       PORT(S)        AGE
svc1   LoadBalancer   10.2.57.24   192.168.122.100   80:26649/TCP   77s
Note that 192.168.122.100 is the allocated IP.

[root@master1 metalb]# kubectl get pods -o wide -n metallb-system |grep deploy-nginx
deploy-nginx-6c9764bb69-6gt95   1/1   Running   0   1m   10.3.104.20   192.168.122.14   <none>   <none>
deploy-nginx-6c9764bb69-cd92w   1/1   Running   0   1m   10.3.104.21   192.168.122.14   <none>   <none>

[root@master1 ~]# ip a |grep 192.168.122.100
inet 192.168.122.100/32 brd 192.168.122.100 scope global kube-ipvs0
[root@master2 ~]# ip a |grep 192.168.122.100
inet 192.168.122.100/32 brd 192.168.122.100 scope global kube-ipvs0
[root@node1 ~]# ip a |grep 192.168.122.100
inet 192.168.122.100/32 brd 192.168.122.100 scope global kube-ipvs0
[root@node1 ~]# ip a |grep 192.168.122.100
inet 192.168.122.100/32 brd 192.168.122.100 scope global kube-ipvs0
This IP is assigned on every node of the k8s cluster.

8. Verify load balancing
[root@master1 ~]# kubectl exec -it deploy-nginx-6c9764bb69-6gt95 -n metallb-system -- /bin/sh
/ # echo web1 > /usr/share/nginx/html/index.html
/ # exit

[root@master1 ~]# kubectl exec -it deploy-nginx-6c9764bb69-cd92w -n metallb-system -- /bin/sh
/ # echo web2 > /usr/share/nginx/html/index.html
/ # exit

Verify access from a client outside the cluster
[root@hostos ~]# curl 192.168.122.100
web2
[root@hostos ~]# curl 192.168.122.100
web1
[root@hostos ~]# curl 192.168.122.100
web2
[root@hostos ~]# curl 192.168.122.100
web1
The result shows that load balancing is working.
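
In layer2 mode MetalLB answers ARP for the pool addresses, so the pool from step 5 must not contain addresses that hosts already use, and every EXTERNAL-IP should come from it. The following is an added example, not part of the original article, that checks this with the values shown in steps 5 and 7; the function names and the address 192.168.122.150 are constructed for illustration.

```python
import ipaddress

def parse_pool(entry):
    """Turn one address-pool entry ('first-last' or CIDR) into (first, last)."""
    if "-" in entry:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
    else:
        net = ipaddress.ip_network(entry.strip(), strict=False)
        lo, hi = net[0], net[-1]
    if lo.version != hi.version or lo > hi:
        raise ValueError(f"bad pool entry: {entry!r}")
    return lo, hi

def in_pool(ip, pools):
    """True if ip lies inside any (first, last) range of the same IP version."""
    addr = ipaddress.ip_address(ip)
    return any(lo.version == addr.version and lo <= addr <= hi for lo, hi in pools)

def audit(pool_entries, node_ips, external_ips):
    """Compare the MetalLB pool with node addresses and assigned EXTERNAL-IPs."""
    pools = [parse_pool(e) for e in pool_entries]
    return {
        # Node addresses inside the pool would collide with a future service IP.
        "nodes_inside_pool": [ip for ip in node_ips if in_pool(ip, pools)],
        # An EXTERNAL-IP outside the pool was not handed out from this config.
        "external_ips_outside_pool": [ip for ip in external_ips
                                      if not in_pool(ip, pools)],
        "pool_size": sum(int(hi) - int(lo) + 1 for lo, hi in pools),
    }

if __name__ == "__main__":
    # Pool from metallb-configmap.yml (step 5).
    POOL = ["192.168.122.100-192.168.122.200"]
    # Node address and EXTERNAL-IP as printed in step 7.
    print(audit(POOL, ["192.168.122.14"], ["192.168.122.100"]))
    # Constructed failure case: a host that sits inside the pool.
    print(audit(POOL, ["192.168.122.14", "192.168.122.150"], ["192.168.122.100"]))
```
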

