kubernetes核心概念 Service
kubernetes核心概念 Service
- kubernetes核心概念 Service
- 一、 service作用
- 二、kube-proxy三种代理模式
-
- 2.1 UserSpace模式
- 2.2 iptables模式
- 2.3 ipvs模式
- 2.4 iptables与ipvs对比
- 三、 service类型
-
- 3.1 service类型
- 3.2 Service参数
- 四、 Service创建
-
- 4.1 ClusterIP类型
-
- 4.1.1 普通ClusterIP Service创建
-
- 4.1.1.1 命令行创建Service
- 4.1.1.2 通过资源清单文件创建Service
- 4.1.1.3 访问
- 4.1.1.4 两个pod里做成不同的主页方便测试负载均衡
- 4.1.1.5 测试
- 4.1.2 Headless Service
-
- 4.1.2.1 编写用于创建Deployment控制器类型的资源清单文件
- 4.1.2.2 通过资源清单文件创建headless Service
- 4.1.2.3 应用资源清单文件创建headless Service
- 4.1.2.4 查看已创建的headless Service
- 4.1.2.5 DNS
-
- 4.1.2.5.1 查看kube-dns服务的IP
- 4.1.2.5.2 在集群主机通过DNS服务地址查找无头服务的dns解析
- 4.1.2.5.3 验证pod的IP
- 4.1.2.5.4 在集群中创建一个pod验证
- 4.2 NodePort类型
- 4.3 LoadBalancer
-
- 4.3.1 集群外访问过程
-
- 用户
- 域名
- 云服务提供商提供LB服务
- NodeIP:Port(service IP)
- Pod IP:端口
- 4.3.2 自建Kubernetes的LoadBalancer类型服务方案-MetalLB
-
- 4.3.2.1 参考资料
- 4.3.2.2 应用资源清单文件
- 4.3.2.3 准备metallb配置文件
- 4.3.2.4发布Service类型为LoadBalancer的Deployment控制器类型应用
- 4.3.2.5 验证
- 4.3.2.6 访问
- 4.4 ExternalName
-
- 4.4.1 ExternalName作用
- 4.4.2 将公网域名引入
- 4.4.3 不同命名空间访问
- 五、sessionAffinity
- 六、修改为ipvs调度方式(拓展)
-
- 6.1 修改为IPVS调度方式前升级内核
- 6.2 修改kube-proxy的配置文件
- 6.3 查看kube-system的namespace中kube-proxy有关的pod
- 6.4 验证kube-proxy-xxx的pod中的信息
- 6.5 重新启动kube-proxy
kubernetes核心概念 Service
一、 service作用
使用 kubernetes 集群运行工作负载时,由于Pod经常处于用后即焚状态,Pod经常被重新生成,因此Pod对应的IP地址也会经常变化,导致无法直接访问Pod提供的服务,Kubernetes中使用了Service来解决这一问题,即在Pod前面使用Service对Pod进行代理,无论Pod怎样变化 ,只要有Label,就可以让Service能够联系上Pod,把PodIP地址添加到Service对应的端点列表(Endpoints)实现对Pod IP跟踪,进而实现通过Service访问Pod。
- 通过service为pod客户端提供访问pod的方法,即客户端访问pod入口
- 通过标签动态感知pod IP地址变化等
- 防止pod失联
- 定义访问pod访问策略
- 通过label-selector相关联
- 通过Service实现Pod的负载均衡(TCP/UDP 4层)
- 底层实现由kube-proxy通过userspace、iptables、ipvs三种代理模式
二、kube-proxy三种代理模式
-
kubernetes集群中有三层网络,一类是真实存在的,例如Node Network、Pod Network,提供真实IP地址;一类是虚拟的,例如Cluster Network或Service Network,提供虚拟IP地址,不会出现在接口上,仅会出现在Service当中
-
kube-proxy始终watch(监控)kube-apiserver上关于Service相关的资源变动状态,一旦获取相关信息kube-proxy都要把相关信息转化为当前节点之上的,能够实现Service资源调度到特定Pod之上的规则,进而实现访问Service就能够获取Pod所提供的服务
-
kube-proxy三种代理模式:UserSpace模式、iptables模式、ipvs模式
2.1 UserSpace模式
userspace 模式是 kube-proxy 使用的第一代模式,该模式在 kubernetes v1.0 版本开始支持使用。
userspace 模式的实现原理:
kube-proxy 会为每个 Service 随机监听一个端口(proxy port),并增加一条 iptables 规则。所以通过 ClusterIP:Port 访问 Service 的报文都 redirect 到 proxy port,kube-proxy 从它监听的 proxy port 收到报文以后,走 round robin(默认) 或是 session affinity(会话亲和力,即同一 client IP 都走同一链路给同一 pod 服务),分发给对应的 pod。
由于 userspace 模式会造成所有报文都走一遍用户态(也就是 Service 请求会先从用户空间进入内核 iptables,然后再回到用户空间,由 kube-proxy 完成后端 Endpoints 的选择和代理工作),需要在内核空间和用户空间转换,流量从用户空间进出内核会带来性能损耗,所以这种模式效率低、性能不高,不推荐使用。
2.2 iptables模式
iptables 模式是 kube-proxy 使用的第二代模式,该模式在 kubernetes v1.1 版本开始支持,从 v1.2 版本开始成为 kube-proxy 的默认模式。
iptables 模式的负载均衡模式是通过底层 netfilter/iptables 规则来实现的,通过 Informer 机制 Watch 接口实时跟踪 Service 和 Endpoint 的变更事件,并触发对 iptables 规则的同步更新。
iptables 模式的实现原理图示如下:
通过图示我们可以发现在 iptables 模式下,kube-proxy 只是作为 controller,而不是 server,真正服务的是内核的 netfilter,体现在用户态的是 iptables。所以整体的效率会比 userspace 模式高。
2.3 ipvs模式
ipvs 模式被 kube-proxy 采纳为第三代模式,模式在 kubernetes v1.8 版本开始引入,在 v1.9 版本中处于 beta 阶段,在 v1.11 版本中正式开始使用。
ipvs(IP Virtual Server) 实现了传输层负载均衡,也就是 4 层交换,作为 Linux 内核的一部分。ipvs运行在主机上,在真实服务器前充当负载均衡器。ipvs 可以将基于 TCP 和 UDP 的服务请求转发到真实服务器上,并使真实服务器上的服务在单个 IP 地址上显示为虚拟服务。
ipvs 模式的实现原理图示如下:
ipvs 和 iptables 都是基于 netfilter 的,那么 ipvs 模式有哪些更好的性能呢?
- ipvs 为大型集群提供了更好的可拓展性和性能
- ipvs 支持比 iptables 更复杂的负载均衡算法(包括:最小负载、最少连接、加权等)
- ipvs 支持服务器健康检查和连接重试等功能
- 可以动态修改 ipset 的集合,即使 iptables 的规则正在使用这个集合
ipvs 依赖于 iptables。ipvs 会使用 iptables 进行包过滤、airpin-masquerade tricks(地址伪装)、SNAT 等功能,但是使用的是 iptables 的扩展 ipset,并不是直接调用 iptables 来生成规则链。通过 ipset 来存储需要 DROP 或 masquerade 的流量的源或目标地址,用于确保 iptables 规则的数量是恒定的,这样我们就不需要关心有多少 Service 或是 Pod 了。
使用 ipset 相较于 iptables 有什么优点呢?iptables 是线性的数据结构,而 ipset 引入了带索引的数据结构,当规则很多的时候,ipset 依然可以很高效的查找和匹配。我们可以将 ipset 简单理解为一个 IP(段) 的集合,这个集合的内容可以是 IP 地址、IP 网段、端口等,iptables 可以直接添加规则对这个“可变的集合进行操作”,这样就可以大大减少 iptables 规则的数量,从而减少性能损耗。
举一个例子,如果我们要禁止成千上万个 IP 访问我们的服务器,如果使用 iptables 就需要一条一条的添加规则,这样会在 iptables 中生成大量的规则;如果用 ipset 就只需要将相关的 IP 地址(网段)加入到 ipset 集合中,然后只需要设置少量的 iptables 规则就可以实现这个目标。
下面的表格是 ipvs 模式下维护的 ipset 表集合:
| 设置名称 | 成员 | 用法 |
|---|---|---|
| KUBE-CLUSTER-IP | 所有服务 IP + 端口 | 在 masquerade-all=true 或 clusterCIDR 指定的情况下对 Service Cluster IP 地址进行伪装,解决数据包欺骗问题 |
| KUBE-LOOP-BACK | 所有服务 IP + 端口 + IP | 解决数据包欺骗问题 |
| KUBE-EXTERNAL-IP | 服务外部 IP + 端口 | 将数据包伪装成 Service 的外部 IP 地址 |
| KUBE-LOAD-BALANCER | 负载均衡器入口 IP + 端口 | 将数据包伪装成 Load Balancer 类型的 Service |
| KUBE-LOAD-BALANCER-LOCAL | 负载均衡器入口 IP + 端口 以及externalTrafficPolicy=local |
接受数据包到 Load Balancer externalTrafficPolicy=local |
| KUBE-LOAD-BALANCER-FW | 负载均衡器入口 IP + 端口 以及loadBalancerSourceRanges |
使用指定的 loadBalancerSourceRanges 丢弃 Load Balancer 类型 Service 的数据包 |
| KUBE-LOAD-BALANCER-SOURCE-CIDR | 负载均衡器入口 IP + 端口 + 源 CIDR | 接受 Load Balancer 类型 Service 的数据包,并指定 loadBalancerSourceRanges |
| KUBE-NODE-PORT-TCP | NodePort 类型服务 TCP 端口 | 将数据包伪装成 NodePort(TCP) |
| KUBE-NODE-PORT-LOCAL-TCP | NodePort 类型服务 TCP 端口,带有externalTrafficPolicy=local |
接受数据包到 NodePort 服务,使用 externalTrafficPolicy=local |
| KUBE-NODE-PORT-UDP | NodePort 类型服务 UDP 端口 | 将数据包伪装成 NodePort(UDP) |
| KUBE-NODE-PORT-LOCAL-UDP | NodePort 类型服务 UDP 端口,使用externalTrafficPolicy=local |
接受数据包到 NodePort 服务,使用 externalTrafficPolicy=local |
2.4 iptables与ipvs对比
-
iptables
- 工作在内核空间
- 优点
- 灵活,功能强大(可以在数据包不同阶段对包进行操作)
- 缺点
- 表中规则过多时,响应变慢,即规则遍历匹配和更新,呈线性时延
-
ipvs
- 工作在内核空间
- 优点
- 转发效率高
- 调度算法丰富:rr,wrr,lc,wlc,ip hash…
- 缺点
- 内核支持不全,低版本内核不能使用,需要升级到4.0或5.0以上。
-
使用iptables与ipvs时机
- 1.10版本之前使用iptables(1.1版本之前使用UserSpace进行转发)
- 1.11版本之后同时支持iptables与ipvs,默认使用ipvs,如果ipvs模块没有加载时,会自动降级至iptables
三、 service类型
Service类型决定了访问Service的方法
3.1 service类型
-
ClusterIP
- 默认,分配一个集群内部可以访问的虚拟IP
-
NodePort
- 在每个Node上分配一个端口作为外部访问入口
- nodePort端口范围为:30000-32767
-
LoadBalancer
- 工作在特定的Cloud Provider上,例如Google Cloud,AWS,OpenStack
-
ExternalName
- 表示把集群外部的服务引入到集群内部中来,即实现了集群内部pod和集群外部的服务进行通信
3.2 Service参数
-
port 访问service使用的端口
-
targetPort Pod中容器端口
-
nodePort 通过Node实现外网用户访问k8s集群内service (30000-32767)
四、 Service创建
Service的创建在工作中有两种方式,一是命令行创建,二是通过资源清单文件YAML文件创建。
4.1 ClusterIP类型
ClusterIP根据是否生成ClusterIP又可分为普通Service和Headless Service
Service两类:
- 普通Service:
为Kubernetes的Service分配一个集群内部可访问的固定虚拟IP(Cluster IP), 实现集群内的访问。
- Headless Service:
该服务不会分配Cluster IP, 也不通过kube-proxy做反向代理和负载均衡。而是通过DNS提供稳定的网络ID来访问,DNS会将headless service的后端直接解析为pod IP列表。
4.1.1 普通ClusterIP Service创建
4.1.1.1 命令行创建Service
- 创建Deployment类型的应用
[root@k8s-master01 ~]# cat 01_create_deployment_app_nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: c1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
- 应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f 01_create_deployment_app_nginx.yaml
- 验证Deployment类型的创建情况
[root@k8s-master01 ~]# kubectl get deployment.apps
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-server1 2/2 2 2 13s
- 创建ClusterIP类型service与Deployment类型应用关联
命令创建service
[root@k8s-master01 ~]# kubectl expose deployment.apps nginx-server1 --type=ClusterIP --target-port=80 --port=80
service/nginx-server1 exposed
说明
expose 创建service
deployment.apps 控制器类型
nginx-server1 应用名称,也是service名称
--type=ClusterIP 指定service类型
--target-port=80 指定Pod中容器端口
--port=80 指定service端口
4.1.1.2 通过资源清单文件创建Service
[root@k8s-master01 ~]# cat 02_create_deployment_app_nginx_with_service.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx-smart
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
spec:
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 80
selector:
app: nginx
[root@k8s-master01 ~]# kubectl apply -f 02_create_deployment_app_nginx_with_service.yaml
- 验证
查看service
[root@k8s-master01 ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 4d15h
nginx-svc ClusterIP 10.101.153.50 80/TCP 3s
查看endpoints
[root@k8s-master01 ~]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 192.168.122.30:6443 4d15h
nginx-svc 172.16.189.74:80,172.16.235.150:80 8s
查看Pod
[root@k8s-master01 ~]# kubectl get pods -l app=nginx
NAME READY STATUS RESTARTS AGE
nginx-server1-77d4c485d8-gsrmq 1/1 Running 0 12s
nginx-server1-77d4c485d8-mmc52 1/1 Running 0 12s
4.1.1.3 访问
[root@k8s-master01 ~]# curl http://10.101.153.50:80
<!DOCTYPE html>
Welcome to nginx!<<span class="token operator">/</span>title>
<style>
body <span class="token punctuation">{</span>
width: 35em<span class="token punctuation">;</span>
margin: 0 auto<span class="token punctuation">;</span>
font-family: Tahoma<span class="token punctuation">,</span> Verdana<span class="token punctuation">,</span> Arial<span class="token punctuation">,</span> sans-serif<span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<<span class="token operator">/</span>style>
<<span class="token operator">/</span>head>
<body>
<h1>Welcome to nginx!<<span class="token operator">/</span>h1>
<p><span class="token keyword">If</span> you see this page<span class="token punctuation">,</span> the nginx web server is successfully installed and
working<span class="token punctuation">.</span> Further configuration is required<span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><span class="token keyword">For</span> online documentation and support please refer to
<a href=<span class="token string">"http://nginx.org/"</span>>nginx<span class="token punctuation">.</span>org<<span class="token operator">/</span>a><span class="token punctuation">.</span><br/>
Commercial support is available at
<a href=<span class="token string">"http://nginx.com/"</span>>nginx<span class="token punctuation">.</span>com<<span class="token operator">/</span>a><span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><em>Thank you <span class="token keyword">for</span> <span class="token keyword">using</span> nginx<span class="token punctuation">.</span><<span class="token operator">/</span>em><<span class="token operator">/</span>p>
<<span class="token operator">/</span>body>
<<span class="token operator">/</span>html>
</code></pre>
<h4>4.1.1.4 两个pod里做成不同的主页方便测试负载均衡</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-77d4c485d8-gsrmq -- /bin/bash</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span><span class="token comment"># cd /usr/share/nginx/html/</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># echo web1 > index.html</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-77d4c485d8-mmc52 -- /bin/bash</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span><span class="token comment"># cd /usr/share/nginx/html/</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># echo web2 > index.html</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<h4>4.1.1.5 测试</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.101.153.50</span>
或
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.101.153.50;sleep 1; done</span>
</code></pre>
<h3>4.1.2 Headless Service</h3>
<ul>
<li>普通的ClusterIP service是service name解析为cluster ip,然后cluster ip对应到后面的pod ip</li>
<li>Headless service是指service name 直接解析为后面的pod ip</li>
</ul>
<h4>4.1.2.1 编写用于创建Deployment控制器类型的资源清单文件</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># cat 03_create_deployment_app_nginx.yaml</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx-smart
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
</code></pre>
<h4>4.1.2.2 通过资源清单文件创建headless Service</h4>
<pre><code class="prism language-powershell">编写YAML文件
命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim 04_headless-service.yml</span>
apiVersion: v1
kind: Service
metadata:
name: headless-service
namespace: default
spec:
<span class="token function">type</span>: ClusterIP <span class="token comment"># ClusterIP类型,也是默认类型</span>
clusterIP: None <span class="token comment"># None就代表是无头service</span>
ports: <span class="token comment"># 指定service 端口及容器端口</span>
<span class="token operator">-</span> port: 80 <span class="token comment"># service ip中的端口</span>
protocol: TCP
targetPort: 80 <span class="token comment"># pod中的端口</span>
selector: <span class="token comment"># 指定后端pod标签</span>
app: nginx <span class="token comment"># 可通过kubectl get pod -l app=nginx查看哪些pod在使用此标签</span>
</code></pre>
<h4>4.1.2.3 应用资源清单文件创建headless Service</h4>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f 04_headless_service.yml</span>
输出
service/headless-service created
</code></pre>
<h4>4.1.2.4 查看已创建的headless Service</h4>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc</span>
输出
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
headless-service ClusterIP None <none> 80/TCP 2m18s
kubernetes ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1 <none> 443/TCP 5d9h
可以看到headless-service没有CLUSTER-IP<span class="token punctuation">,</span>用None表示
</code></pre>
<h4>4.1.2.5 DNS</h4>
<p>DNS服务监视Kubernetes API,为每一个Service创建DNS记录用于域名解析</p>
<p>headless service需要DNS来解决访问问题</p>
<p>DNS记录格式为:<code> <service-name>.<namespace-name>.svc.cluster.local.</code></p>
<h5>4.1.2.5.1 查看kube-dns服务的IP</h5>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc -n kube-system</span>
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
kube-dns ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2 <none> 53/UDP<span class="token punctuation">,</span>53/TCP<span class="token punctuation">,</span>9153/TCP 5d9h
metrics-server ClusterIP 10<span class="token punctuation">.</span>105<span class="token punctuation">.</span>219<span class="token punctuation">.</span>44 <none> 443/TCP 45h
查看到coreDNS的服务地址是10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
</code></pre>
<h5>4.1.2.5.2 在集群主机通过DNS服务地址查找无头服务的dns解析</h5>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># dig -t A headless-service.default.svc.cluster.local. @10.96.0.2</span>
<span class="token punctuation">;</span> <<>> DiG 9<span class="token punctuation">.</span>11<span class="token punctuation">.</span>4-P2-RedHat-9<span class="token punctuation">.</span>11<span class="token punctuation">.</span>4-16<span class="token punctuation">.</span>P2<span class="token punctuation">.</span>el7_8<span class="token punctuation">.</span>2 <<>> <span class="token operator">-</span>t A headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> @10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
<span class="token punctuation">;</span><span class="token punctuation">;</span> global options: <span class="token operator">+</span>cmd
<span class="token punctuation">;</span><span class="token punctuation">;</span> Got answer:
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: <span class="token punctuation">.</span>local is reserved <span class="token keyword">for</span> Multicast DNS
<span class="token punctuation">;</span><span class="token punctuation">;</span> You are currently testing what happens when an mDNS query is leaked to DNS
<span class="token punctuation">;</span><span class="token punctuation">;</span> <span class="token operator">-</span>>>HEADER<<<span class="token operator">-</span> opcode: QUERY<span class="token punctuation">,</span> status: NOERROR<span class="token punctuation">,</span> id: 31371
<span class="token punctuation">;</span><span class="token punctuation">;</span> flags: qr aa <span class="token function">rd</span><span class="token punctuation">;</span> QUERY: 1<span class="token punctuation">,</span> ANSWER: 1<span class="token punctuation">,</span> AUTHORITY: 0<span class="token punctuation">,</span> ADDITIONAL: 1
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: recursion requested but not available
<span class="token punctuation">;</span><span class="token punctuation">;</span> OPT PSEUDOSECTION:
<span class="token punctuation">;</span> EDNS: version: 0<span class="token punctuation">,</span> flags:<span class="token punctuation">;</span> udp: 4096
<span class="token punctuation">;</span><span class="token punctuation">;</span> QUESTION SECTION:
<span class="token punctuation">;</span>headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> IN A <span class="token comment">#被解析域名</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> ANSWER SECTION:
headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> 30 IN A 10<span class="token punctuation">.</span>224<span class="token punctuation">.</span>235<span class="token punctuation">.</span>147 <span class="token comment">#注意这里IP</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> Query time: 0 msec
<span class="token punctuation">;</span><span class="token punctuation">;</span> SERVER: 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>10<span class="token comment">#53(10.96.0.2)</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> WHEN: Sun May 17 10:58:50 CST 2020
<span class="token punctuation">;</span><span class="token punctuation">;</span> MSG SIZE rcvd: 129
</code></pre>
<h5>4.1.2.5.3 验证pod的IP</h5>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -o wide</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-56bf6c9c8c-jmk7r 1/1 Running 0 35m 10<span class="token punctuation">.</span>224<span class="token punctuation">.</span>235<span class="token punctuation">.</span>147 worker02 <none> <none>
</code></pre>
<h5>4.1.2.5.4 在集群中创建一个pod验证</h5>
<blockquote>
<p>创建一个镜像为busyboxplus:curl的pod,pod名称为bb2,用来解析域名</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl run bbp --image=busyboxplus:curl -it</span>
<span class="token namespace">[root@master01 ~]</span><span class="token comment"># kubectl run bbp --image=1.28 -it</span>
<span class="token keyword">If</span> you don<span class="token string">'t see a command prompt, try pressing enter.
解析域名
nslookup headless-service.default.svc.cluster.local.
访问命令
[ root@bbp:/ ]$ curl http://headless-service.default.svc.cluster.local.
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
nginx.org.
Commercial support is available at
nginx.com.
Thank you for using nginx.
[ root@bbp:/ ]$ exit
Session ended, resume using 'kubectl attach bbp -c bbp -i -t' command when the pod is running
4.2 NodePort类型
- 创建资源清单文件
[root@k8s-master01 ~]# cat 05_create_nodeport_service_app.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-app
labels:
app: nginx-app
spec:
replicas: 2
selector:
matchLabels:
app: nginx-app
template:
metadata:
labels:
app: nginx-app
spec:
containers:
- name: c1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-app
spec:
type: NodePort
selector:
app: nginx-app
ports:
- protocol: TCP
nodePort: 30001
port: 8060
targetPort: 80
- 应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f 05_create_nodeport_service_app.yaml
deployment.apps/nginx-app created
service/nginx-app created
- 验证service创建
[root@k8s-master01 ~]# kubectl get deployment.apps
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-app 2/2 2 2 26s
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 2d22h
nginx-app NodePort 10.104.157.20 8060:30001/TCP 36s
[root@k8s-master01 ~]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 192.168.122.10:6443 2d22h
nginx-app 172.16.1.24:80,172.16.2.20:80 2m10s
[root@master01 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=5826,fd=9))
[root@worker01 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=4937,fd=11))
[root@worker02 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=5253,fd=11))
[root@k8s-master01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-app-ffd5ccc78-cnwbx 1/1 Running 0 8m59s
nginx-app-ffd5ccc78-mz77g 1/1 Running 0 8m59s
[root@k8s-master01 ~]# kubectl exec -it nginx-app-ffd5ccc78-cnwbx -- bash
root@nginx-app-ffd5ccc78-cnwbx:/# echo "nginx-app-1" > /usr/share/nginx/html/index.html
root@nginx-app-ffd5ccc78-cnwbx:/# exit
[root@k8s-master01 ~]# kubectl exec -it nginx-app-ffd5ccc78-mz77g -- bash
root@nginx-app-ffd5ccc78-mz77g:/# echo "nginx-app-2" > /usr/share/nginx/html/index.html
root@nginx-app-ffd5ccc78-mz77g:/# exit
- 在与kubernetes 节点同一网络主机中访问k8s集群内service
[root@ha1 ~]# curl http://192.168.10.101:30001
nginx-app-2
[root@ha1 ~]# curl http://192.168.10.102:30001
nginx-app-1
[root@ha1 ~]# curl http://192.168.10.103:30001
nginx-app-1
[root@ha1 ~]# curl http://192.168.10.104:30001
nginx-app-2
4.3 LoadBalancer
4.3.1 集群外访问过程
-
用户
-
域名
-
云服务提供商提供LB服务
-
NodeIP:Port(service IP)
-
Pod IP:端口
4.3.2 自建Kubernetes的LoadBalancer类型服务方案-MetalLB
MetalLB可以为kubernetes集群中的Service提供网络负载均衡功能。
MetalLB两大功能为:
- 地址分配,类似于DHCP
- 外部通告,一旦MetalLB为服务分配了外部IP地址,它就需要使集群之外的网络意识到该IP在群集中“存在”。MetalLB使用标准路由协议来实现此目的:ARP,NDP或BGP。
4.3.2.1 参考资料
参考网址: https://metallb.universe.tf/installation/
4.3.2.2 应用资源清单文件
资源清单文件下载:
# kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/namespace.yaml
# kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml
4.3.2.3 准备metallb配置文件
[root@k8s-master01 metallb]# cat metallb-conf.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.10.100-192.168.10.120
集群节点服务器IP同一段。
在master01节点应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f metallb-conf.yaml
验证配置
# kubectl describe configmap config -n metallb-system
Name: config
Namespace: metallb-system
Labels:
Annotations:
Data
====
config:
----
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.10.100-192.168.10.120
Events:
4.3.2.4发布Service类型为LoadBalancer的Deployment控制器类型应用
创建Deployment控制器类型应用nginx-metallb及service,service类型为LoadBalancer
[root@k8s-master01 ~]# vim 02_nginx-metabllb.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-metallb
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx-metallb1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-metallb
spec:
ports:
- port: 8090
protocol: TCP
targetPort: 80
selector:
app: nginx
type: LoadBalancer
[root@k8s-master01 ~]# kubectl apply -f nginx.yaml
4.3.2.5 验证
[root@k8s-master01 ~]# kubectl get ns
NAME STATUS AGE
default Active 16d
kube-node-lease Active 16d
kube-public Active 16d
kube-system Active 16d
kubernetes-dashboard Active 13d
metallb-system Active 130m
test1 Active 12d
[root@k8s-master01 ~]# kubectl get pods -n metallb-system
NAME READY STATUS RESTARTS AGE
controller-64f8f944d-qdf8m 1/1 Running 0 110m
speaker-cwzq7 1/1 Running 0 110m
speaker-qk5fb 1/1 Running 0 110m
speaker-wsllb 1/1 Running 0 110m
speaker-x4bwt 1/1 Running 0 110m
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 16d
nginx-metallb LoadBalancer 10.105.239.69 192.168.10.115 8090:31372/TCP 106m
[root@k8s-master01 ~]# ping 192.168.10.115
PING 192.168.10.90 (192.168.10.90) 56(84) bytes of data.
64 bytes from 192.168.10.90: icmp_seq=1 ttl=64 time=3.45 ms
64 bytes from 192.168.10.90: icmp_seq=2 ttl=64 time=0.040 ms
4.3.2.6 访问
[root@k8s-master01 ~]# curl http://192.168.122.115:8090
<!DOCTYPE html>
Welcome to nginx!<<span class="token operator">/</span>title>
<style>
body <span class="token punctuation">{</span>
width: 35em<span class="token punctuation">;</span>
margin: 0 auto<span class="token punctuation">;</span>
font-family: Tahoma<span class="token punctuation">,</span> Verdana<span class="token punctuation">,</span> Arial<span class="token punctuation">,</span> sans-serif<span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<<span class="token operator">/</span>style>
<<span class="token operator">/</span>head>
<body>
<h1>Welcome to nginx!<<span class="token operator">/</span>h1>
<p><span class="token keyword">If</span> you see this page<span class="token punctuation">,</span> the nginx web server is successfully installed and
working<span class="token punctuation">.</span> Further configuration is required<span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><span class="token keyword">For</span> online documentation and support please refer to
<a href=<span class="token string">"http://nginx.org/"</span>>nginx<span class="token punctuation">.</span>org<<span class="token operator">/</span>a><span class="token punctuation">.</span><br/>
Commercial support is available at
<a href=<span class="token string">"http://nginx.com/"</span>>nginx<span class="token punctuation">.</span>com<<span class="token operator">/</span>a><span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><em>Thank you <span class="token keyword">for</span> <span class="token keyword">using</span> nginx<span class="token punctuation">.</span><<span class="token operator">/</span>em><<span class="token operator">/</span>p>
<<span class="token operator">/</span>body>
<<span class="token operator">/</span>html>
</code></pre>
<p><strong>注意:使用kubeadm部署kubernetes集群修改方法</strong></p>
<pre><code class="prism language-powershell">如果在IPVS模式下使用kube-proxy,从Kubernetes v1<span class="token punctuation">.</span>14<span class="token punctuation">.</span>2开始,必须启用ARP模式。
可以通过在当前集群中编辑kube-proxy配置来实现:
<span class="token comment"># kubectl edit configmap -n kube-system kube-proxy</span>
并设置:
apiVersion: kubeproxy<span class="token punctuation">.</span>config<span class="token punctuation">.</span>k8s<span class="token punctuation">.</span>io/v1alpha1
kind: KubeProxyConfiguration
mode: <span class="token string">"ipvs"</span>
ipvs:
strictARP: true
</code></pre>
<h2>4.4 ExternalName</h2>
<h3>4.4.1 ExternalName作用</h3>
<ul>
<li>把集群外部的服务引入到集群内部中来,实现了集群内部pod和集群外部的服务进行通信</li>
<li>ExternalName 类型的服务适用于外部服务使用域名的方式,缺点是不能指定端口</li>
<li>还有一点要注意: 集群内的Pod会继承Node上的DNS解析规则。所以只要Node可以访问的服务,Pod中也可以访问到, 这就实现了集群内服务访问集群外服务</li>
</ul>
<h3>4.4.2 将公网域名引入</h3>
<ol>
<li>编写YAML文件</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim externelname.yml</span>
apiVersion: v1
kind: Service
metadata:
name: my-externalname
namespace: default
spec:
<span class="token function">type</span>: ExternalName
externalName: www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com <span class="token comment"># 对应的外部域名为www.baidu.com</span>
</code></pre>
<ol start="2">
<li>应用YAML文件</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f externelname.yml</span>
service/my-externalname created
</code></pre>
<ol start="3">
<li>查看service</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc |grep exter</span>
my-externalname ExternalName <none> www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com <none> 69s
</code></pre>
<ol start="4">
<li>查看my-service的dns解析</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># dig -t A my-externalname.default.svc.cluster.local. @10.96.0.2</span>
<span class="token punctuation">;</span> <<>> DiG 9<span class="token punctuation">.</span>9<span class="token punctuation">.</span>4-RedHat-9<span class="token punctuation">.</span>9<span class="token punctuation">.</span>4-72<span class="token punctuation">.</span>el7 <<>> <span class="token operator">-</span>t A my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> @10<span class="token punctuation">.</span>2<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
<span class="token punctuation">;</span><span class="token punctuation">;</span> global options: <span class="token operator">+</span>cmd
<span class="token punctuation">;</span><span class="token punctuation">;</span> Got answer:
<span class="token punctuation">;</span><span class="token punctuation">;</span> <span class="token operator">-</span>>>HEADER<<<span class="token operator">-</span> opcode: QUERY<span class="token punctuation">,</span> status: NOERROR<span class="token punctuation">,</span> id: 31378
<span class="token punctuation">;</span><span class="token punctuation">;</span> flags: qr aa <span class="token function">rd</span><span class="token punctuation">;</span> QUERY: 1<span class="token punctuation">,</span> ANSWER: 4<span class="token punctuation">,</span> AUTHORITY: 0<span class="token punctuation">,</span> ADDITIONAL: 1
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: recursion requested but not available
<span class="token punctuation">;</span><span class="token punctuation">;</span> OPT PSEUDOSECTION:
<span class="token punctuation">;</span> EDNS: version: 0<span class="token punctuation">,</span> flags:<span class="token punctuation">;</span> udp: 4096
<span class="token punctuation">;</span><span class="token punctuation">;</span> QUESTION SECTION:
<span class="token punctuation">;</span>my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> IN A
<span class="token punctuation">;</span><span class="token punctuation">;</span> ANSWER SECTION:
my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> 5 IN CNAME www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com<span class="token punctuation">.</span>
www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN CNAME www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span>
www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN A 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38 解析的是百度的IP
www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN A 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39 解析的是百度的IP
<span class="token punctuation">;</span><span class="token punctuation">;</span> Query time: 32 msec
<span class="token punctuation">;</span><span class="token punctuation">;</span> SERVER: 10<span class="token punctuation">.</span>2<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2<span class="token comment">#53(10.96.0.2)</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> WHEN: Thu Nov 05 11:23:41 CST 2020
<span class="token punctuation">;</span><span class="token punctuation">;</span> MSG SIZE rcvd: 245
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it deploy-nginx-6c9764bb69-86gwj -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># nslookup www.baidu.com</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com
Address 1: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39
Address 2: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38
<span class="token operator">/</span> <span class="token comment"># nslookup my-externalname.default.svc.cluster.local </span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local
Address 1: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38
Address 2: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39
</code></pre>
<p>解析此<code>my-externalname.default.svc.cluster.local</code>域名和解析<code>www.baidu.com</code>是一样的结果</p>
<h3>4.4.3 不同命名空间访问</h3>
<ol>
<li>创建ns1命名空间和相关deploy, pod,service</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim ns1-nginx.yml</span>
apiVersion: v1
kind: Namespace
metadata:
name: ns1 <span class="token comment"># 创建ns1命名空间</span>
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: svc1 <span class="token comment"># 服务名</span>
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
selector:
app: nginx
clusterIP: None <span class="token comment"># 无头service</span>
ports:
<span class="token operator">-</span> port: 80
targetPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
kind: Service
apiVersion: v1
metadata:
name: external-svc1
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
<span class="token function">type</span>: ExternalName
externalName: svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token comment"># 将ns2空间的svc2服务引入到ns1命名空间 </span>
<span class="token namespace">[root@k8s-master1 ~]</span><span class="token comment"># kubectl apply -f ns1-nginx.yml</span>
namespace/ns1 created
deployment<span class="token punctuation">.</span>apps/deploy-nginx created
service/svc1 created
</code></pre>
<ol start="2">
<li>创建ns2命名空间和相关deploy, pod,service</li>
</ol>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim ns1-nginx.yml</span>
apiVersion: v1
kind: Namespace
metadata:
name: ns2 <span class="token comment"># 创建ns2命名空间</span>
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: svc2 <span class="token comment"># 服务名</span>
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
selector:
app: nginx
clusterIP: None <span class="token comment"># 无头service</span>
ports:
<span class="token operator">-</span> port: 80
targetPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
kind: Service
apiVersion: v1
metadata:
name: external-svc1
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
<span class="token function">type</span>: ExternalName
externalName: svc1<span class="token punctuation">.</span>ns1<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token comment"># 将ns1空间的svc1服务引入到ns2命名空间</span>
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f ns2-nginx.yml</span>
namespace/ns2 created
deployment<span class="token punctuation">.</span>apps/deploy-nginx created
service/svc2 created
service/external-svc2 created
</code></pre>
<ol start="3">
<li>在ns1命名空间的pod里验证</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n ns1</span>
NAME READY STATUS RESTARTS AGE
deploy-nginx-6c9764bb69-g5xl8 1/1 Running 0 8m10s
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it -n ns1 deploy-nginx-6c9764bb69-g5xl8 -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># nslookup svc1</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: svc1
Address 1: 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>140 deploy-nginx-6c9764bb69-g5xl8 IP与ns1里的podIP一致<span class="token punctuation">(</span>见下面的查询结果<span class="token punctuation">)</span>
<span class="token operator">/</span> <span class="token comment"># nslookup svc2.ns2.svc.cluster.local</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local
Address 1: 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>104<span class="token punctuation">.</span>17 10-3-104-17<span class="token punctuation">.</span>svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local IP与ns2里的podIP一致<span class="token punctuation">(</span>见下面的查询结果<span class="token punctuation">)</span>
<span class="token operator">/</span> <span class="token comment"># exit</span>
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -o wide -n ns1</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6c9764bb69-g5xl8 1/1 Running 0 70m 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>140 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>13 <none> <none>
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -o wide -n ns2</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READI NESS GATES
deploy-nginx-6c9764bb69-8psxl 1/1 Running 0 68m 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>104<span class="token punctuation">.</span>17 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>14 <none> <none>
</code></pre>
<p>反之,在ns2命名空间的pod里访问<code>svc1.ns1.svc.cluster.local</code>,解析的IP是ns1命名空间里的pod的IP(请自行验证)</p>
<ol start="4">
<li>验证ns2中的pod的IP变化, ns1中的pod仍然可以使用<code>svc2.ns2.svc.cluster.local</code>访问</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -n ns2</span>
NAME READY STATUS RESTARTS AGE
deploy-nginx-6c9764bb69-8psxl 1/1 Running 0 81m
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod deploy-nginx-6c9764bb69-8psxl -n ns2</span>
pod <span class="token string">"deploy-nginx-6c9764bb69-8psxl"</span> deleted 因为有replicas控制器,所以删除pod会自动拉一个起来
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -o wide -n ns2</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6c9764bb69-8qbz2 1/1 Running 0 5m36s 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>13 <none> <none>
pod名称变了<span class="token punctuation">,</span>IP也变成了10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141
</code></pre>
<p>回到ns1中的pod验证</p>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it -n ns1 deploy-nginx-6c9764bb69-g5xl8 -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># ping svc2.ns2.svc.cluster.local -c 2</span>
PING svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token punctuation">(</span>10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141<span class="token punctuation">)</span>: 56 <span class="token keyword">data</span> bytes 解析的IP就是ns2中pod的新IP
64 bytes <span class="token keyword">from</span> 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141: seq=0 ttl=63 time=0<span class="token punctuation">.</span>181 ms
64 bytes <span class="token keyword">from</span> 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141: seq=1 ttl=63 time=0<span class="token punctuation">.</span>186 ms
<span class="token operator">--</span><span class="token operator">-</span> svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local ping statistics <span class="token operator">--</span><span class="token operator">-</span>
2 packets transmitted<span class="token punctuation">,</span> 2 packets received<span class="token punctuation">,</span> 0% packet loss
round-trip min/avg/max = 0<span class="token punctuation">.</span>181/0<span class="token punctuation">.</span>183/0<span class="token punctuation">.</span>186 ms
<span class="token operator">/</span> <span class="token comment"># exit</span>
</code></pre>
<h1>五、sessionAffinity</h1>
<blockquote>
<p>会话粘贴</p>
</blockquote>
<p>设置sessionAffinity为Clientip (类似nginx的ip_hash算法,lvs的sh算法)</p>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># cat 02_create_deployment_app_nginx_with_service.yaml</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: c1
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
spec:
<span class="token function">type</span>: ClusterIP
ports:
<span class="token operator">-</span> protocol: TCP
port: 80
targetPort: 80
selector:
app: nginx
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f 02_create_deployment_app_nginx_with_service.yaml</span>
deployment<span class="token punctuation">.</span>apps/nginx-server1 created
service/nginx-svc created
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods</span>
NAME READY STATUS RESTARTS AGE
nginx-server1-58845f75f4-9zlnw 1/1 Running 0 2m11s
nginx-server1-58845f75f4-ffqdt 1/1 Running 0 2m11s
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-58845f75f4-9zlnw bash</span>
kubectl exec <span class="token namespace">[POD]</span> <span class="token namespace">[COMMAND]</span> is DEPRECATED and will be removed in a future version<span class="token punctuation">.</span> Use kubectl kubectl exec <span class="token namespace">[POD]</span> <span class="token operator">--</span> <span class="token namespace">[COMMAND]</span> instead<span class="token punctuation">.</span>
root@nginx-server1-58845f75f4-9zlnw:<span class="token operator">/</span><span class="token comment"># echo web1 > /usr/share/nginx/html/index.html</span>
root@nginx-server1-58845f75f4-9zlnw:<span class="token operator">/</span><span class="token comment"># exit</span>
<span class="token keyword">exit</span>
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-58845f75f4-ffqdt bash</span>
kubectl exec <span class="token namespace">[POD]</span> <span class="token namespace">[COMMAND]</span> is DEPRECATED and will be removed in a future version<span class="token punctuation">.</span> Use kubectl kubectl exec <span class="token namespace">[POD]</span> <span class="token operator">--</span> <span class="token namespace">[COMMAND]</span> instead<span class="token punctuation">.</span>
root@nginx-server1-58845f75f4-ffqdt:<span class="token operator">/</span><span class="token comment"># echo web2 > /usr/share/nginx/html/index.html</span>
root@nginx-server1-58845f75f4-ffqdt:<span class="token operator">/</span><span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc</span>
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
kubernetes ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1 <none> 443/TCP 16d
nginx-svc ClusterIP 10<span class="token punctuation">.</span>100<span class="token punctuation">.</span>53<span class="token punctuation">.</span>31 <none> 80/TCP 3m53s
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl http://10.100.53.31</span>
web1
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl http://10.100.53.31</span>
web2
或
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.100.53.31;sleep 1; done</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl patch svc nginx-svc -p '{"spec":{"sessionAffinity":"ClientIP"}}'</span>
service/nginx-svc patched
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.100.53.31</span>
web1
多次访问<span class="token punctuation">,</span>会话粘贴
</code></pre>
<pre><code class="prism language-powershell">设置回sessionAffinity为None
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl patch svc nginx-svc -p '{"spec":{"sessionAffinity":"None"}}'</span>
service/my-service patched
</code></pre>
<pre><code class="prism language-powershell">测试
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.100.53.31</span>
web1
多次访问<span class="token punctuation">,</span>回到负载均衡
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.100.53.31;sleep 1; done</span>
web1
多次访问<span class="token punctuation">,</span>会话粘贴
</code></pre>
<h1>六、修改为ipvs调度方式(拓展)</h1>
<blockquote>
<p>部署方式不同,修改方法不一样。</p>
<p>本次主要介绍使用kubeadm部署集群方式,二进制部署较为简单。</p>
<p>二进制部署修改:/etc/kubernetes/kube-proxy.yaml文件即可。</p>
</blockquote>
<p>从kubernetes1.8版本开始,新增了kube-proxy对ipvs的支持,在kubernetes1.11版本中被纳入了GA.</p>
<h2>6.1 修改为IPVS调度方式前升级内核</h2>
<blockquote>
<p>现使用Centos7u6发布版本,默认内核版本为3.10.0,使用kubernetes为1.18.0时,可升级内核版本至4.18.0或5.6.0版本。</p>
</blockquote>
<blockquote>
<p>在所有节点中安装,需要重启操作系统更换内核。以下升级方法供参考。</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum -y install perl</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum --enablerepo="elrepo-kernel" -y install kernel-ml.x86_64 </span>
此处升级为5<span class="token punctuation">.</span>0以上版本。
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># grub2-set-default 0</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># grub2-mkconfig -o /boot/grub2/grub.cfg</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># reboot</span>
</code></pre>
<h2>6.2 修改kube-proxy的配置文件</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl edit configmap kube-proxy -n kube-system</span>
26 iptables:
27 masqueradeAll: false
28 masqueradeBit: 14
29 minSyncPeriod: 0s
30 syncPeriod: 30s
31 ipvs:
32 excludeCIDRs: null
33 minSyncPeriod: 0s
34 scheduler: <span class="token string">""</span> <span class="token comment"># 可以在这里修改ipvs的算法,默认为rr轮循算法</span>
35 strictARP: false
36 syncPeriod: 30s
37 kind: KubeProxyConfiguration
38 metricsBindAddress: 127<span class="token punctuation">.</span>0<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1:10249
39 mode: <span class="token string">"ipvs"</span> <span class="token comment"># 默认""号里为空,加上ipvs</span>
</code></pre>
<h2>6.3 查看kube-system的namespace中kube-proxy有关的pod</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n kube-system |grep kube-proxy</span>
kube-proxy-69mv6 1/1 Running 6 2d18h
kube-proxy-jpc6c 1/1 Running 4 4d16h
kube-proxy-kq65l 1/1 Running 4 4d16h
kube-proxy-lmphf 1/1 Running 5 4d16h
</code></pre>
<h2>6.4 验证kube-proxy-xxx的pod中的信息</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl logs kube-proxy-jpc6c -n kube-system</span>
W0517 00:55:10<span class="token punctuation">.</span>914754 1 server_others<span class="token punctuation">.</span>go:559<span class="token punctuation">]</span> Unknown proxy mode <span class="token string">""</span><span class="token punctuation">,</span> assuming iptables proxy
I0517 00:55:10<span class="token punctuation">.</span>923228 1 node<span class="token punctuation">.</span>go:136<span class="token punctuation">]</span> Successfully retrieved node IP: 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>32
I0517 00:55:10<span class="token punctuation">.</span>923264 1 server_others<span class="token punctuation">.</span>go:186<span class="token punctuation">]</span> <span class="token keyword">Using</span> iptables Proxier<span class="token punctuation">.</span>
I0517 00:55:10<span class="token punctuation">.</span>923567 1 server<span class="token punctuation">.</span>go:583<span class="token punctuation">]</span> Version: v1<span class="token punctuation">.</span>18<span class="token punctuation">.</span>2
I0517 00:55:10<span class="token punctuation">.</span>923965 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_max'</span> to 131072
I0517 00:55:10<span class="token punctuation">.</span>924001 1 conntrack<span class="token punctuation">.</span>go:52<span class="token punctuation">]</span> Setting nf_conntrack_max to 131072
I0517 00:55:10<span class="token punctuation">.</span>924258 1 conntrack<span class="token punctuation">.</span>go:83<span class="token punctuation">]</span> Setting conntrack hashsize to 32768
I0517 00:55:10<span class="token punctuation">.</span>927041 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_tcp_timeout_established'</span> to 86400
I0517 00:55:10<span class="token punctuation">.</span>927086 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_tcp_timeout_close_wait'</span> to 3600
I0517 00:55:10<span class="token punctuation">.</span>927540 1 config<span class="token punctuation">.</span>go:315<span class="token punctuation">]</span> Starting service config controller
I0517 00:55:10<span class="token punctuation">.</span>927556 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> service config
I0517 00:55:10<span class="token punctuation">.</span>927576 1 config<span class="token punctuation">.</span>go:133<span class="token punctuation">]</span> Starting endpoints config controller
I0517 00:55:10<span class="token punctuation">.</span>927594 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> endpoints config
I0517 00:55:11<span class="token punctuation">.</span>027749 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> service config
I0517 00:55:11<span class="token punctuation">.</span>027858 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> endpoints config
</code></pre>
<h2>6.5 重新启动kube-proxy</h2>
<blockquote>
<p>删除kube-proxy-xxx的所有pod,让它重新拉取新的kube-proxy-xxx的pod</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-69mv6 -n kube-system</span>
pod <span class="token string">"kube-proxy-69mv6"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-jpc6c -n kube-system</span>
pod <span class="token string">"kube-proxy-jpc6c"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-kq65l -n kube-system</span>
pod <span class="token string">"kube-proxy-kq65l"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-lmphf -n kube-system</span>
pod <span class="token string">"kube-proxy-lmphf"</span> deleted
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n kube-system |grep kube-proxy</span>
kube-proxy-2mk2b 1/1 Running 0 2m23s
kube-proxy-5bj87 1/1 Running 0 30s
kube-proxy-7qq9l 1/1 Running 0 52s
kube-proxy-tjtqf 1/1 Running 0 80s
</code></pre>
<pre><code class="prism language-powershell">随意查看其中1个或3个kube-proxy-xxx的pod<span class="token punctuation">,</span>验证是否为IPVS方式了
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl logs kube-proxy-tjtqf -n kube-system</span>
I0517 02:32:26<span class="token punctuation">.</span>557696 1 node<span class="token punctuation">.</span>go:136<span class="token punctuation">]</span> Successfully retrieved node IP: 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>32
I0517 02:32:26<span class="token punctuation">.</span>557745 1 server_others<span class="token punctuation">.</span>go:259<span class="token punctuation">]</span> <span class="token keyword">Using</span> ipvs Proxier<span class="token punctuation">.</span>
W0517 02:32:26<span class="token punctuation">.</span>557912 1 proxier<span class="token punctuation">.</span>go:429<span class="token punctuation">]</span> IPVS scheduler not specified<span class="token punctuation">,</span> use rr by default
I0517 02:32:26<span class="token punctuation">.</span>560008 1 server<span class="token punctuation">.</span>go:583<span class="token punctuation">]</span> Version: v1<span class="token punctuation">.</span>18<span class="token punctuation">.</span>2
I0517 02:32:26<span class="token punctuation">.</span>560428 1 conntrack<span class="token punctuation">.</span>go:52<span class="token punctuation">]</span> Setting nf_conntrack_max to 131072
I0517 02:32:26<span class="token punctuation">.</span>561094 1 config<span class="token punctuation">.</span>go:315<span class="token punctuation">]</span> Starting service config controller
I0517 02:32:26<span class="token punctuation">.</span>562251 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> service config
I0517 02:32:26<span class="token punctuation">.</span>561579 1 config<span class="token punctuation">.</span>go:133<span class="token punctuation">]</span> Starting endpoints config controller
I0517 02:32:26<span class="token punctuation">.</span>562271 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> endpoints config
I0517 02:32:26<span class="token punctuation">.</span>662541 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> service config
I0517 02:32:26<span class="token punctuation">.</span>662566 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> endpoints config
</code></pre>
</div>
</div>
</div>
</div>
</div>
<!--PC和WAP自适应版-->
<div id="SOHUCS" sid="1639316118835355648"></div>
<script type="text/javascript" src="/views/front/js/chanyan.js"></script>
<!-- 文章页-底部 动态广告位 -->
<div class="youdao-fixed-ad" id="detail_ad_bottom"></div>
</div>
<div class="col-md-3">
<div class="row" id="ad">
<!-- 文章页-右侧1 动态广告位 -->
<div id="right-1" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_1"> </div>
</div>
<!-- 文章页-右侧2 动态广告位 -->
<div id="right-2" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_2"></div>
</div>
<!-- 文章页-右侧3 动态广告位 -->
<div id="right-3" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_3"></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<h4 class="pt20 mb15 mt0 border-top">你可能感兴趣的:(k8s,kubernetes)</h4>
<div id="paradigm-article-related">
<div class="recommend-post mb30">
<ul class="widget-links">
<li><a href="/article/1892439165430198272.htm"
title="容器docker k8s相关的问题汇总及排错" target="_blank">容器docker k8s相关的问题汇总及排错</a>
<span class="text-muted">weixin_43806846</span>
<a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>1.明确问题2.排查方向2.1、docker方面dockerlogs-f容器IDdocker的网络配置问题。2.2、k8s方面node组件问题pod的问题(方式kubectldescribepopod的名称-n命名空间&&kubectllogs-fpod的名称-n命名空间)调度的问题(污点、节点选择器与标签不匹配、存储卷的问题)service问题(访问不了,ingress的问题、service标签</div>
</li>
<li><a href="/article/1892424024693207040.htm"
title="【k8s应用管理】kubernetes HPA+rancher" target="_blank">【k8s应用管理】kubernetes HPA+rancher</a>
<span class="text-muted">Karoku066</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/rancher/1.htm">rancher</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>文章目录KubernetesHPA部署指南概述部署metrics-server部署HPARancher管理Kubernetes集群指南实验环境安装及配置RancherKubernetesHPA部署指南概述KubernetesHPA(HorizontalPodAutoscaling)可以根据Pod的CPU利用率自动调整Deployment、ReplicationController或ReplicaS</div>
</li>
<li><a href="/article/1892419734998151168.htm"
title="【后端】k8s" target="_blank">【后端】k8s</a>
<span class="text-muted">骑鱼过海的猫123</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>1.命令1.1获取service服务获取集群内所有命名空间的service服务sudokubectlgetservice--all-namespaces获取集群内指定命名空间的service服务sudokubectlgetservice-n命名空间当权限限制到一个命名空间时,只能使用下面这个sudokubectl-n命名空间getservice获取集群内当前命名空间的service服务sudoku</div>
</li>
<li><a href="/article/1892417589682958336.htm"
title="redis的主从复制配置" target="_blank">redis的主从复制配置</a>
<span class="text-muted">zhaikaiyun</span>
<a class="tag" taget="_blank" href="/search/redis/1.htm">redis</a>
<div>通过持久化功能,redis保证了即使在服务器重启的情况下也不会丢失或少量丢失数据,但是由于数据存储在一台服务器上,如果这台服务器出现故障,比如磁盘坏了,也会导致数据丢失。为了避免这个单点故障,可以使用主从复制的方式,将主更新的数据,自动更新同步到其他服务器上。主从节点配置[root@k8smasterconfig]#moreredis6380.confinclude/data/redis/redi</div>
</li>
<li><a href="/article/1892404729082867712.htm"
title="前端504错误分析" target="_blank">前端504错误分析</a>
<span class="text-muted">ox0080</span>
<a class="tag" taget="_blank" href="/search/%23/1.htm">#</a><a class="tag" taget="_blank" href="/search/%E5%8C%97%E6%BC%82%2B%E6%BB%B4%E6%BB%B4%E5%87%BA%E8%A1%8C/1.htm">北漂+滴滴出行</a><a class="tag" taget="_blank" href="/search/Web/1.htm">Web</a><a class="tag" taget="_blank" href="/search/VIP/1.htm">VIP</a><a class="tag" taget="_blank" href="/search/%E6%BF%80%E5%8A%B1/1.htm">激励</a><a class="tag" taget="_blank" href="/search/%E5%89%8D%E7%AB%AF/1.htm">前端</a>
<div>前端出现504错误(网关超时)通常是由于代理服务器未能及时从上游服务获取响应。以下是详细分析步骤和解决方案:1.确认错误来源504含义:代理服务器(如Nginx、Apache)在等待后端服务响应时超时。常见架构:前端→代理服务器→后端服务,问题通常出在代理与后端之间。2.排查步骤(1)检查后端服务状态确认服务是否运行:通过日志或监控工具(如systemctlstatus,KubernetesPod</div>
</li>
<li><a href="/article/1892344203044777984.htm"
title="网络流量如何从公共互联网抵达Kubernetes容器 Pod?" target="_blank">网络流量如何从公共互联网抵达Kubernetes容器 Pod?</a>
<span class="text-muted">硅基创想家</span>
<a class="tag" taget="_blank" href="/search/%23/1.htm">#</a><a class="tag" taget="_blank" href="/search/Kubernetes%E5%AE%9E%E6%88%98%E4%B8%8E%E7%BB%8F%E9%AA%8C/1.htm">Kubernetes实战与经验</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>“解释网络流量如何从公共互联网抵达Kubernetes容器(Pod)”,这是DevOps技术面试中相当常见的问题。对这个问题给出准确且详尽的回答,能体现出DevOps工程师对Kubernetes各项流程的熟悉程度。在本文中,我将以在AWSEKS上运行Kubernetes为例,梳理这一过程。简短的答案可以概括为:用户请求→域名系统(DNS)→弹性负载均衡器(ELB)→Ingress控制器(可选)→K</div>
</li>
<li><a href="/article/1892344076632649728.htm"
title="Kubernetes的Ingress和Service有什么区别?" target="_blank">Kubernetes的Ingress和Service有什么区别?</a>
<span class="text-muted">硅基创想家</span>
<a class="tag" taget="_blank" href="/search/%23/1.htm">#</a><a class="tag" taget="_blank" href="/search/Kubernetes%E5%AE%9E%E6%88%98%E4%B8%8E%E7%BB%8F%E9%AA%8C/1.htm">Kubernetes实战与经验</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>在Kubernetes中,Ingress和Service是两个不同的概念,它们在功能、作用范围、应用场景等方面存在明显区别,具体如下:功能Ingress:主要用于管理集群外部到内部服务的HTTP和HTTPS流量路由。它可以根据域名、路径等规则,将外部请求精确地路由到集群内不同的Service,实现更细粒度的流量控制和多服务共享一个IP等功能。Service:主要用于在Kubernetes集群内部为</div>
</li>
<li><a href="/article/1892344076049641472.htm"
title="Kubernetes的Ingress 资源是什么?" target="_blank">Kubernetes的Ingress 资源是什么?</a>
<span class="text-muted">硅基创想家</span>
<a class="tag" taget="_blank" href="/search/%23/1.htm">#</a><a class="tag" taget="_blank" href="/search/Kubernetes%E5%AE%9E%E6%88%98%E4%B8%8E%E7%BB%8F%E9%AA%8C/1.htm">Kubernetes实战与经验</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>在Kubernetes中,Ingress资源是一种用于管理集群外部对内部服务访问的API对象,主要用于将不同的外部请求路由到集群内的不同服务,以下是关于它的详细介绍:定义与作用Ingress资源定义了从集群外部到内部服务的HTTP和HTTPS路由规则。通过Ingress,可以将多个不同域名或不同路径的请求,根据定义的规则,导向到集群内不同的Kubernetes服务,从而实现对集群内服务的统一外部访</div>
</li>
<li><a href="/article/1892281772801060864.htm"
title="十五、K8S-持久卷PV和PVC" target="_blank">十五、K8S-持久卷PV和PVC</a>
<span class="text-muted">繁华依在</span>
<a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>目录一、感念:1、PersistentVolume(PV)2、PersistentVolumeClaim(PVC)二、PV和PVC工作原理1、资源供应(Provisioning)2、资源绑定(Binding)3、资源使用(Using)4、资源回收(Reclaiming)1、保留数据:2、Deleted(删除数据):3、Recycled(回收策略):5、PVC资源扩容三、PV详解1、存储容量(Cap</div>
</li>
<li><a href="/article/1892281646506373120.htm"
title="k8s rook-ceph MountDevice failed for volume pvc An operation with the given Volume ID already exists" target="_blank">k8s rook-ceph MountDevice failed for volume pvc An operation with the given Volume ID already exists</a>
<span class="text-muted">时空无限</span>
<a class="tag" taget="_blank" href="/search/Kubernetes/1.htm">Kubernetes</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/ceph/1.htm">ceph</a>
<div>https://github.com/rook/rook/issues/4896环境kubeadm搭建的k8s集群,rook-ceph部署的ceph存储,monpod所在宿主机和挂载客户端机器pod所在机器不在一个二层网络里。故障pod挂载不上pvc,describepod信息如下MountDevicefailedforvolumepvcAnoperationwiththegivenVolumeI</div>
</li>
<li><a href="/article/1892281520081661952.htm"
title="rook-ceph无法登录dashboard" target="_blank">rook-ceph无法登录dashboard</a>
<span class="text-muted">时空无限</span>
<a class="tag" taget="_blank" href="/search/Kubernetes/1.htm">Kubernetes</a><a class="tag" taget="_blank" href="/search/ceph/1.htm">ceph</a><a class="tag" taget="_blank" href="/search/ceph/1.htm">ceph</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a>
<div>环境ubuntu22.04tlsk8s1.20.2现象搭建好ceph集群环境后,执行如下命令获取admin登录账号的密码kubectl-nrook-cephgetsecretrook-ceph-dashboard-password-ojsonpath="{['data']['password'</div>
</li>
<li><a href="/article/1892277991585673216.htm"
title="k8s篇-应用持久化存储(PV和PVC)" target="_blank">k8s篇-应用持久化存储(PV和PVC)</a>
<span class="text-muted">jiam明</span>
<a class="tag" taget="_blank" href="/search/Kubernetes/1.htm">Kubernetes</a><a class="tag" taget="_blank" href="/search/c%E8%AF%AD%E8%A8%80/1.htm">c语言</a><a class="tag" taget="_blank" href="/search/%E5%BC%80%E5%8F%91%E8%AF%AD%E8%A8%80/1.htm">开发语言</a><a class="tag" taget="_blank" href="/search/%E5%90%8E%E7%AB%AF/1.htm">后端</a>
<div>一、Volume一般来说,容器一旦被删除后,容器运行时内部产生的所有文件数据也会被清理掉,因此,Docker提供了Volume这种方式来将数据持久化存储。可以说,Volume是Pod与外部存储设备进行数据传递的通道,也是Pod内部容器间、Pod与Pod间、Pod与外部环境进行数据共享的方式。实际上,这个Volume也只是宿主机上本地磁盘中的一个目录,也就是说,volume方式是将容器里面的数据都保</div>
</li>
<li><a href="/article/1892241396719480832.htm"
title="kubeadm拉起的k8s集群证书过期的做法集群已奔溃也可以解决" target="_blank">kubeadm拉起的k8s集群证书过期的做法集群已奔溃也可以解决</a>
<span class="text-muted">KTKong</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>kubeadm拉起的k8s集群证书过期的做法这个是很久之前遇到的了,今天有空(心血来潮)就都回忆回忆写在这里为爱发光,部分内容来自arch先生(死党)的帮助。有时候有很多部门提了建k8s的需求,有些是临时的,有些没有说具体用多久,但是某天,他们和你说集群坏了,这时候你上去一看证书过期了,这里又有两种情况我们分别说明:集群还活着集群已归西1、备份数据2、报错内容及分析3、生成证书4、证书内容合并5、</div>
</li>
<li><a href="/article/1892238875863085056.htm"
title="虚拟机安装k8s集群" target="_blank">虚拟机安装k8s集群</a>
<span class="text-muted">开着拖拉机寻找春天</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>环境准备-主节点(MasterNode):IP地址:192.168.40.100主机名:k8s-master-工作节点(WorkerNode):IP地址:192.168.40.101主机名:k8s-node1步骤1:配置虚拟机环境1.1设置主机名在每台虚拟机上设置唯一的主机名:#在主节点上执行sudohostnamectlset-hostnamek8s-master#在工作节点上执行sudohos</div>
</li>
<li><a href="/article/1892221220573736960.htm"
title="Kubernetes & 容器自动伸缩失败:解决方案及阿里云如何帮助" target="_blank">Kubernetes & 容器自动伸缩失败:解决方案及阿里云如何帮助</a>
<span class="text-muted">Anna_Tong</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E9%98%BF%E9%87%8C%E4%BA%91/1.htm">阿里云</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E8%B4%9F%E8%BD%BD%E5%9D%87%E8%A1%A1/1.htm">负载均衡</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/%E5%BC%B9%E6%80%A7%E8%AE%A1%E7%AE%97/1.htm">弹性计算</a><a class="tag" taget="_blank" href="/search/%E8%87%AA%E5%8A%A8%E4%BC%B8%E7%BC%A9/1.htm">自动伸缩</a>
<div>随着容器技术的普及,Kubernetes(K8s)已成为构建现代云原生应用的核心平台。自动伸缩(AutoScaling)功能可以帮助应用在流量波动时动态调整资源,提高效率并节约成本。然而,很多企业在配置水平自动伸缩(HorizontalPodAutoscaler,HPA)或ECS扩容策略时,常常遇到配置错误或无法触发扩容的问题,导致资源无法及时扩展或收缩,影响系统的稳定性和用户体验。本文将为您分享</div>
</li>
<li><a href="/article/1891966366047596544.htm"
title="Kubernetes 服务发现背后的秘密武器——CoreDNS" target="_blank">Kubernetes 服务发现背后的秘密武器——CoreDNS</a>
<span class="text-muted">weixin_42587823</span>
<a class="tag" taget="_blank" href="/search/dns/1.htm">dns</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E6%9C%8D%E5%8A%A1%E5%8F%91%E7%8E%B0/1.htm">服务发现</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/coredns/1.htm">coredns</a>
<div>Kubernetes服务发现背后的秘密武器——CoreDNS在Kubernetes集群中,CoreDNS是一个关键的基础组件,负责域名解析和服务发现。无论是内部服务通信还是访问外部域名,CoreDNS都为我们提供了高效、灵活的支持。本文将通俗易懂地介绍CoreDNS的作用、工作流程,并通过一些常见的配置案例帮助你更好地理解它的功能。CoreDNS的作用服务名称解析CoreDNS负责将Kuberne</div>
</li>
<li><a href="/article/1891917795935973376.htm"
title="一文读懂Ingress-Nginx以及实战教程" target="_blank">一文读懂Ingress-Nginx以及实战教程</a>
<span class="text-muted">努力的小T</span>
<a class="tag" taget="_blank" href="/search/Kubernetes/1.htm">Kubernetes</a><a class="tag" taget="_blank" href="/search/Linux/1.htm">Linux</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E8%AE%A1%E7%AE%97%E8%BF%90%E7%BB%B4%E5%9F%BA%E7%A1%80/1.htm">云计算运维基础</a><a class="tag" taget="_blank" href="/search/nginx/1.htm">nginx</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/%E6%9C%8D%E5%8A%A1%E5%99%A8/1.htm">服务器</a><a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>Ingress-Nginx简介Ingress-Nginx是Kubernetes的一个入口控制器,它允许您将外部HTTP和HTTPS流量路由到集群内的服务。除了标准的HTTP/HTTPS路由功能外,Ingress-Nginx还支持WebSocket、gRPC、TCP和UDP协议。实战教程:从零开始部署Ingress-Nginx步骤1:环境准备确保您的Kubernetes集群版本为v1.29.7,并且</div>
</li>
<li><a href="/article/1891803181751529472.htm"
title="HoRain云--浅析CoreDNS的工作机制" target="_blank">HoRain云--浅析CoreDNS的工作机制</a>
<span class="text-muted">HoRain 云小助手</span>
<a class="tag" taget="_blank" href="/search/%E8%B4%AA%E5%BF%83%E7%AE%97%E6%B3%95/1.htm">贪心算法</a><a class="tag" taget="_blank" href="/search/%E7%AE%97%E6%B3%95/1.htm">算法</a><a class="tag" taget="_blank" href="/search/CoreDNS/1.htm">CoreDNS</a>
<div>HoRain云小助手:个人主页⛺️生活的理想,就是为了理想的生活!⛳️推荐前些天发现了一个超棒的服务器购买网站,性价比超高,大内存超划算!忍不住分享一下给大家。点击跳转到网站。目录⛳️推荐一、插件化架构1.常见插件类型2.插件执行顺序二、动态配置(Corefile)1.配置结构2.热重载机制三、请求处理流程四、Kubernetes集成1.服务解析规则2.自动更新机制五、性能优化1.缓存加速2.并发</div>
</li>
<li><a href="/article/1891771618162700288.htm"
title="rancher k3s 默认应用服务,内部DNS访问域名是什么" target="_blank">rancher k3s 默认应用服务,内部DNS访问域名是什么</a>
<span class="text-muted">santer_x</span>
<a class="tag" taget="_blank" href="/search/rancher/1.htm">rancher</a>
<div>rancherk3s默认应用服务,内部DNS访问域名是什么默认集群域名服务域名格式Rancher自身服务的域名特殊情况与注意事项示例场景在Rancher管理的K3s集群中,默认的内部DNS访问域名遵循Kubernetes的DNS规范。具体规则如下:默认集群域名K3s默认使用的集群域名为cluster.local。这一配置与Kubernetes标准一致,可通过修改Kubelet的--cluster-</div>
</li>
<li><a href="/article/1891733907909439488.htm"
title="2025年如何选择合适的云原生架构工具" target="_blank">2025年如何选择合适的云原生架构工具</a>
<span class="text-muted">zxzy_org</span>
<a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/%E6%9E%B6%E6%9E%84/1.htm">架构</a><a class="tag" taget="_blank" href="/search/ai/1.htm">ai</a>
<div>随着云原生技术的不断发展,市场上涌现出大量的工具和平台,供开发者选择。2025年,如何在这些工具中选择适合自己项目需求的架构工具,成为技术决策的重要议题。选择合适的云原生工具,首先需要根据项目的规模、复杂度以及团队的技能水平进行综合考虑。首先,容器化技术是云原生架构的核心。Docker是最受欢迎的容器化工具,适用于大多数开发场景。如果项目规模较大,Kubernetes将成为不可或缺的容器编排平台,</div>
</li>
<li><a href="/article/1891484881830080512.htm"
title="在SpringBoot项目中有k8s配置,但报错" target="_blank">在SpringBoot项目中有k8s配置,但报错</a>
<span class="text-muted">柠檬编程工作室</span>
<a class="tag" taget="_blank" href="/search/go%26amp%3Bk8s/1.htm">go&k8s</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/spring/1.htm">spring</a><a class="tag" taget="_blank" href="/search/boot/1.htm">boot</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%90%8E%E7%AB%AF/1.htm">后端</a>
<div>如下报错一般是你没有将k8s的config拷贝到项目里,你可以将k8s主节点的config拷贝一下到项目中。2025-02-1309:27:21.873ERROR1671---[.models.V1Pod-1]i.k.c.informer.cache.ReflectorRunnable:classio.kubernetes.client.openapi.models.V1Pod#Reflector</div>
</li>
<li><a href="/article/1891482992426151936.htm"
title="Kubernetes源码分析之kubelet" target="_blank">Kubernetes源码分析之kubelet</a>
<span class="text-muted">「已注销」</span>
<a class="tag" taget="_blank" href="/search/runtime/1.htm">runtime</a><a class="tag" taget="_blank" href="/search/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F/1.htm">操作系统</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a>
<div>本节所有的代码基于1.13.4版本。启动分析Kubelet的启动参数有两种,kubeletFlags和kubeletConfig。其中,kubeletFlags与我们使用的kubelet的--参数命令保持一致;kubeletConfig通过解析特定的配置文件完成参数的配置,它们共同构成kubelet启动参数的配置。如图基本参数配置完成之后,接下来就是配置启动的Run方法。Kubelet启动的Run</div>
</li>
<li><a href="/article/1891477181964546048.htm"
title="5、pod 详解 (kubernetes)" target="_blank">5、pod 详解 (kubernetes)</a>
<span class="text-muted">Sundayday47</span>
<a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/harbor/1.htm">harbor</a>
<div>pod详解(kubernetes)Pod的基础概念pause容器Pod的分类与创建自主式Pod控制器管理的Pod静态PodPod容器的分类基础容器(infrastructurecontainer)初始化容器(initcontainers)应用容器(Maincontainer)镜像拉取策略(imagePullPolicy)k8s部署harbor创建私有项目部署harbor仓库harbor登录凭据资源</div>
</li>
<li><a href="/article/1891391188125151232.htm"
title="APO全量日志对接logstash和fluent日志采集生态" target="_blank">APO全量日志对接logstash和fluent日志采集生态</a>
<span class="text-muted"></span>
<a class="tag" taget="_blank" href="/search/%E6%97%A5%E5%BF%97/1.htm">日志</a>
<div>APO日志介绍采集流程图APO使用ilogtail作为日志采集组件并改造支持额外功能,在vector中进行日志结构化处理。APO日志功能日志指标统计日志数并生成日志数指标。出现错误日志时,计算日志错误指标故障现场日志应用程序出现慢或者错误trace时,将这段时间内的日志收集并写入clickhouse中。使用k8s信息或pid信息关联故障链路和故障现场日志全量日志1.APO日志界面中提供了为不同应用</div>
</li>
<li><a href="/article/1891384972510556160.htm"
title="红队视角出发的k8s敏感信息收集——Kubernetes API 扩展与未授权访问" target="_blank">红队视角出发的k8s敏感信息收集——Kubernetes API 扩展与未授权访问</a>
<span class="text-muted">周周的奇妙编程</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>针对Kubernetes第三方组件与Operator的详细攻击视角分析,涵盖ServiceMesh、HelmReleases和DatabaseOperators的潜在风险及利用方法。攻击链示例1.攻击者通过未授权的Tiller服务部署恶意HelmChart→2.创建后门Pod并横向移动至Istio控制平面→3.提取Envoy配置发现未加密的数据库服务→4.通过MySQLOperator创建管理员账</div>
</li>
<li><a href="/article/1891384593999785984.htm"
title="义父们,支持我兄弟参加CSDN博客之星2024!他是一名优秀的运维工程师!" target="_blank">义父们,支持我兄弟参加CSDN博客之星2024!他是一名优秀的运维工程师!</a>
<span class="text-muted">qq_42856429</span>
<a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/java/1.htm">java</a><a class="tag" taget="_blank" href="/search/%E5%BC%80%E5%8F%91%E8%AF%AD%E8%A8%80/1.htm">开发语言</a>
<div>标题:支持我兄弟参加CSDN博客之星2024!他是一名优秀的运维工程师!大家好,今天想为大家推荐一位非常优秀的技术博主——XMYX-0。他是一名专注于运维领域的开发者,尤其擅长Kubernetes(K8s)和Python自动化运维。他正在参加CSDN博客之星2024活动,希望大家能够为他投上宝贵的一票!为什么支持他?Kubernetes(K8s)领域的深度实践者在K8s领域有着丰富的实战经验。他的</div>
</li>
<li><a href="/article/1891318377838866432.htm"
title="从零开始入门 K8s | Kubernetes 网络模型进阶" target="_blank">从零开始入门 K8s | Kubernetes 网络模型进阶</a>
<span class="text-muted">jishulaozhuanjia</span>
<div>个人博客导航页(点击右侧链接即可打开个人博客):互联网老兵带你入门技术栈本文整理自《CNCFxAlibaba云原生技术公开课》第25讲,点击直达课程页面。关注“阿里巴巴云原生”公众号,回复关键词**“入门”**,即可下载从零入门K8s系列文章PPT。导读:本文将基于之前介绍的基本网络模型,进行更深入的一些了解,希望给予读者一个更广更深的认知。首先简单回顾一下容器网络的历史沿革,剖析一下Kubern</div>
</li>
<li><a href="/article/1891311058161823744.htm"
title="从入门到跑路(六)k8s配置ingress-nginx" target="_blank">从入门到跑路(六)k8s配置ingress-nginx</a>
<span class="text-muted">m0_74825678</span>
<a class="tag" taget="_blank" href="/search/%E9%9D%A2%E8%AF%95/1.htm">面试</a><a class="tag" taget="_blank" href="/search/%E5%AD%A6%E4%B9%A0%E8%B7%AF%E7%BA%BF/1.htm">学习路线</a><a class="tag" taget="_blank" href="/search/%E9%98%BF%E9%87%8C%E5%B7%B4%E5%B7%B4/1.htm">阿里巴巴</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/nginx/1.htm">nginx</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>Ingress-NGINX是一个基于NGINX的KubernetesIngress控制器,旨在将外部HTTP和HTTPS流量路由到Kubernetes集群中的服务。它是Kubernetes官方推荐的Ingress控制器之一,并且广泛应用于各种生产环境中。Ingress-NGINX介绍主要作用在Kubernetes集群中,Ingress-NGINX的作用是作为IngressController来处理</div>
</li>
<li><a href="/article/1891256570860335104.htm"
title="Kubernetes(K8s)之DNS方案" target="_blank">Kubernetes(K8s)之DNS方案</a>
<span class="text-muted">james二次元</span>
<a class="tag" taget="_blank" href="/search/%E5%BE%AE%E6%9C%8D%E5%8A%A1/1.htm">微服务</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/dns/1.htm">dns</a><a class="tag" taget="_blank" href="/search/hosts/1.htm">hosts</a>
<div>在使用k8s过程中,有时需要配置自定义的host文件做主机名解析。如果在镜像中修改/etc/hosts文件,而容器启动初始化时,会覆盖掉该文件。就需要利用k8s自身提供的机制解决类似的问题。具体如下:1.hostAliaseshostAliases是Kubernetes中的一项功能,用于在Pod中的/etc/hosts文件中添加自定义主机名与IP地址的映射。这个功能允许开发者为每个Pod手动定义主</div>
</li>
<li><a href="/article/1891255058222346240.htm"
title="k8s 中的 service 如何找到绑定的 Pod 以及如何实现 Pod 负载均衡" target="_blank">k8s 中的 service 如何找到绑定的 Pod 以及如何实现 Pod 负载均衡</a>
<span class="text-muted">「已注销」</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E8%B4%9F%E8%BD%BD%E5%9D%87%E8%A1%A1/1.htm">负载均衡</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a>
<div>前言Service资源主要用于为Pod对象提供一个固定、统一的访问接口及负载均衡的能力。service是一组具有相同labelpod集合的抽象,集群内外的各个服务可以通过service进行互相通信。当创建一个service对象时也会对应创建一个endpoint对象,endpoint是用来做容器发现的,service只是将多个pod进行关联,实际的路由转发都是由kubernetes中的kube-pr</div>
</li>
<li><a href="/article/101.htm"
title="数据采集高并发的架构应用" target="_blank">数据采集高并发的架构应用</a>
<span class="text-muted">3golden</span>
<a class="tag" taget="_blank" href="/search/.net/1.htm">.net</a>
<div>问题的出发点:
最近公司为了发展需要,要扩大对用户的信息采集,每个用户的采集量估计约2W。如果用户量增加的话,将会大量照成采集量成3W倍的增长,但是又要满足日常业务需要,特别是指令要及时得到响应的频率次数远大于预期。
&n</div>
</li>
<li><a href="/article/228.htm"
title="不停止 MySQL 服务增加从库的两种方式" target="_blank">不停止 MySQL 服务增加从库的两种方式</a>
<span class="text-muted">brotherlamp</span>
<a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/linux%E8%A7%86%E9%A2%91/1.htm">linux视频</a><a class="tag" taget="_blank" href="/search/linux%E8%B5%84%E6%96%99/1.htm">linux资料</a><a class="tag" taget="_blank" href="/search/linux%E6%95%99%E7%A8%8B/1.htm">linux教程</a><a class="tag" taget="_blank" href="/search/linux%E8%87%AA%E5%AD%A6/1.htm">linux自学</a>
<div>现在生产环境MySQL数据库是一主一从,由于业务量访问不断增大,故再增加一台从库。前提是不能影响线上业务使用,也就是说不能重启MySQL服务,为了避免出现其他情况,选择在网站访问量低峰期时间段操作。
一般在线增加从库有两种方式,一种是通过mysqldump备份主库,恢复到从库,mysqldump是逻辑备份,数据量大时,备份速度会很慢,锁表的时间也会很长。另一种是通过xtrabacku</div>
</li>
<li><a href="/article/355.htm"
title="Quartz——SimpleTrigger触发器" target="_blank">Quartz——SimpleTrigger触发器</a>
<span class="text-muted">eksliang</span>
<a class="tag" taget="_blank" href="/search/SimpleTrigger/1.htm">SimpleTrigger</a><a class="tag" taget="_blank" href="/search/TriggerUtils/1.htm">TriggerUtils</a><a class="tag" taget="_blank" href="/search/quartz/1.htm">quartz</a>
<div>转载请出自出处:http://eksliang.iteye.com/blog/2208166 一.概述
SimpleTrigger触发器,当且仅需触发一次或者以固定时间间隔周期触发执行;
二.SimpleTrigger的构造函数
SimpleTrigger(String name, String group):通过该构造函数指定Trigger所属组和名称;
Simpl</div>
</li>
<li><a href="/article/482.htm"
title="Informatica应用(1)" target="_blank">Informatica应用(1)</a>
<span class="text-muted">18289753290</span>
<a class="tag" taget="_blank" href="/search/sql/1.htm">sql</a><a class="tag" taget="_blank" href="/search/workflow/1.htm">workflow</a><a class="tag" taget="_blank" href="/search/lookup/1.htm">lookup</a><a class="tag" taget="_blank" href="/search/%E7%BB%84%E4%BB%B6/1.htm">组件</a><a class="tag" taget="_blank" href="/search/Informatica/1.htm">Informatica</a>
<div>1.如果要在workflow中调用shell脚本有一个command组件,在里面设置shell的路径;调度wf可以右键出现schedule,现在用的是HP的tidal调度wf的执行。
2.designer里面的router类似于SSIS中的broadcast(多播组件);Reset_Workflow_Var:参数重置 (比如说我这个参数初始是1在workflow跑得过程中变成了3我要在结束时还要</div>
</li>
<li><a href="/article/609.htm"
title="python 获取图片验证码中文字" target="_blank">python 获取图片验证码中文字</a>
<span class="text-muted">酷的飞上天空</span>
<a class="tag" taget="_blank" href="/search/python/1.htm">python</a>
<div>根据现成的开源项目 http://code.google.com/p/pytesser/改写
在window上用easy_install安装不上 看了下源码发现代码很少 于是就想自己改写一下
添加支持网络图片的直接解析
#coding:utf-8
#import sys
#reload(sys)
#sys.s</div>
</li>
<li><a href="/article/736.htm"
title="AJAX" target="_blank">AJAX</a>
<span class="text-muted">永夜-极光</span>
<a class="tag" taget="_blank" href="/search/Ajax/1.htm">Ajax</a>
<div>1.AJAX功能:动态更新页面,减少流量消耗,减轻服务器负担
2.代码结构:
<html>
<head>
<script type="text/javascript">
function loadXMLDoc()
{
.... AJAX script goes here ...
</div>
</li>
<li><a href="/article/863.htm"
title="创业OR读研" target="_blank">创业OR读研</a>
<span class="text-muted">随便小屋</span>
<a class="tag" taget="_blank" href="/search/%E5%88%9B%E4%B8%9A/1.htm">创业</a>
<div> 现在研一,有种想创业的想法,不知道该不该去实施。因为对于的我情况这两者是矛盾的,可能就是鱼与熊掌不能兼得。
研一的生活刚刚过去两个月,我们学校主要的是</div>
</li>
<li><a href="/article/990.htm"
title="需求做得好与坏直接关系着程序员生活质量" target="_blank">需求做得好与坏直接关系着程序员生活质量</a>
<span class="text-muted">aijuans</span>
<a class="tag" taget="_blank" href="/search/IT+%E7%94%9F%E6%B4%BB/1.htm">IT 生活</a>
<div>
这个故事还得从去年换工作的事情说起,由于自己不太喜欢第一家公司的环境我选择了换一份工作。去年九月份我入职现在的这家公司,专门从事金融业内软件的开发。十一月份我们整个项目组前往北京做现场开发,从此苦逼的日子开始了。
系统背景:五月份就有同事前往甲方了解需求一直到6月份,后续几个月也完</div>
</li>
<li><a href="/article/1117.htm"
title="如何定义和区分高级软件开发工程师" target="_blank">如何定义和区分高级软件开发工程师</a>
<span class="text-muted">aoyouzi</span>
<div>在软件开发领域,高级开发工程师通常是指那些编写代码超过 3 年的人。这些人可能会被放到领导的位置,但经常会产生非常糟糕的结果。Matt Briggs 是一名高级开发工程师兼 Scrum 管理员。他认为,单纯使用年限来划分开发人员存在问题,两个同样具有 10 年开发经验的开发人员可能大不相同。近日,他发表了一篇博文,根据开发者所能发挥的作用划分软件开发工程师的成长阶段。
初</div>
</li>
<li><a href="/article/1244.htm"
title="Servlet的请求与响应" target="_blank">Servlet的请求与响应</a>
<span class="text-muted">百合不是茶</span>
<a class="tag" taget="_blank" href="/search/servlet/1.htm">servlet</a><a class="tag" taget="_blank" href="/search/get%E6%8F%90%E4%BA%A4/1.htm">get提交</a><a class="tag" taget="_blank" href="/search/java%E5%A4%84%E7%90%86post%E6%8F%90%E4%BA%A4/1.htm">java处理post提交</a>
<div>
Servlet是tomcat中的一个重要组成,也是负责客户端和服务端的中介
1,Http的请求方式(get ,post);
客户端的请求一般都会都是Servlet来接受的,在接收之前怎么来确定是那种方式提交的,以及如何反馈,Servlet中有相应的方法, http的get方式 servlet就是都doGet(</div>
</li>
<li><a href="/article/1371.htm"
title="web.xml配置详解之listener" target="_blank">web.xml配置详解之listener</a>
<span class="text-muted">bijian1013</span>
<a class="tag" taget="_blank" href="/search/java/1.htm">java</a><a class="tag" taget="_blank" href="/search/web.xml/1.htm">web.xml</a><a class="tag" taget="_blank" href="/search/listener/1.htm">listener</a>
<div>一.定义
<listener>
<listen-class>com.myapp.MyListener</listen-class>
</listener>
二.作用 该元素用来注册一个监听器类。可以收到事件什么时候发生以及用什么作为响</div>
</li>
<li><a href="/article/1498.htm"
title="Web页面性能优化(yahoo技术)" target="_blank">Web页面性能优化(yahoo技术)</a>
<span class="text-muted">Bill_chen</span>
<a class="tag" taget="_blank" href="/search/JavaScript/1.htm">JavaScript</a><a class="tag" taget="_blank" href="/search/Ajax/1.htm">Ajax</a><a class="tag" taget="_blank" href="/search/Web/1.htm">Web</a><a class="tag" taget="_blank" href="/search/css/1.htm">css</a><a class="tag" taget="_blank" href="/search/Yahoo/1.htm">Yahoo</a>
<div>1.尽可能的减少HTTP请求数 content
2.使用CDN server
3.添加Expires头(或者 Cache-control) server
4.Gzip 组件 server
5.把CSS样式放在页面的上方。 css
6.将脚本放在底部(包括内联的) javascript
7.避免在CSS中使用Expressions css
8.将javascript和css独立成外部文</div>
</li>
<li><a href="/article/1625.htm"
title="【MongoDB学习笔记八】MongoDB游标、分页查询、查询结果排序" target="_blank">【MongoDB学习笔记八】MongoDB游标、分页查询、查询结果排序</a>
<span class="text-muted">bit1129</span>
<a class="tag" taget="_blank" href="/search/mongodb/1.htm">mongodb</a>
<div>游标
游标,简单的说就是一个查询结果的指针。游标作为数据库的一个对象,使用它是包括
声明
打开
循环抓去一定数目的文档直到结果集中的所有文档已经抓取完
关闭游标
游标的基本用法,类似于JDBC的ResultSet(hasNext判断是否抓去完,next移动游标到下一条文档),在获取一个文档集时,可以提供一个类似JDBC的FetchSize</div>
</li>
<li><a href="/article/1752.htm"
title="ORA-12514 TNS 监听程序当前无法识别连接描述符中请求服务 的解决方法" target="_blank">ORA-12514 TNS 监听程序当前无法识别连接描述符中请求服务 的解决方法</a>
<span class="text-muted">白糖_</span>
<a class="tag" taget="_blank" href="/search/ORA-12514/1.htm">ORA-12514</a>
<div> 今天通过Oracle SQL*Plus连接远端服务器的时候提示“监听程序当前无法识别连接描述符中请求服务”,遂在网上找到了解决方案:
①打开Oracle服务器安装目录\NETWORK\ADMIN\listener.ora文件,你会看到如下信息:
# listener.ora Network Configuration File: D:\database\Oracle\net</div>
</li>
<li><a href="/article/1879.htm"
title="Eclipse 问题 A resource exists with a different case" target="_blank">Eclipse 问题 A resource exists with a different case</a>
<span class="text-muted">bozch</span>
<a class="tag" taget="_blank" href="/search/eclipse/1.htm">eclipse</a>
<div>在使用Eclipse进行开发的时候,出现了如下的问题:
Description Resource Path Location TypeThe project was not built due to "A resource exists with a different case: '/SeenTaoImp_zhV2/bin/seentao'.&</div>
</li>
<li><a href="/article/2006.htm"
title="编程之美-小飞的电梯调度算法" target="_blank">编程之美-小飞的电梯调度算法</a>
<span class="text-muted">bylijinnan</span>
<a class="tag" taget="_blank" href="/search/%E7%BC%96%E7%A8%8B%E4%B9%8B%E7%BE%8E/1.htm">编程之美</a>
<div>
public class AptElevator {
/**
* 编程之美 小飞 电梯调度算法
* 在繁忙的时间,每次电梯从一层往上走时,我们只允许电梯停在其中的某一层。
* 所有乘客都从一楼上电梯,到达某层楼后,电梯听下来,所有乘客再从这里爬楼梯到自己的目的层。
* 在一楼时,每个乘客选择自己的目的层,电梯则自动计算出应停的楼层。
* 问:电梯停在哪</div>
</li>
<li><a href="/article/2133.htm"
title="SQL注入相关概念" target="_blank">SQL注入相关概念</a>
<span class="text-muted">chenbowen00</span>
<a class="tag" taget="_blank" href="/search/sql/1.htm">sql</a><a class="tag" taget="_blank" href="/search/Web/1.htm">Web</a><a class="tag" taget="_blank" href="/search/%E5%AE%89%E5%85%A8/1.htm">安全</a>
<div>SQL Injection:就是通过把SQL命令插入到Web表单递交或输入域名或页面请求的查询字符串,最终达到欺骗服务器执行恶意的SQL命令。
具体来说,它是利用现有应用程序,将(恶意)的SQL命令注入到后台数据库引擎执行的能力,它可以通过在Web表单中输入(恶意)SQL语句得到一个存在安全漏洞的网站上的数据库,而不是按照设计者意图去执行SQL语句。
首先让我们了解什么时候可能发生SQ</div>
</li>
<li><a href="/article/2260.htm"
title="[光与电]光子信号战防御原理" target="_blank">[光与电]光子信号战防御原理</a>
<span class="text-muted">comsci</span>
<a class="tag" taget="_blank" href="/search/%E5%8E%9F%E7%90%86/1.htm">原理</a>
<div>
无论是在战场上,还是在后方,敌人都有可能用光子信号对人体进行控制和攻击,那么采取什么样的防御方法,最简单,最有效呢?
我们这里有几个山寨的办法,可能有些作用,大家如果有兴趣可以去实验一下
根据光</div>
</li>
<li><a href="/article/2387.htm"
title="oracle 11g新特性:Pending Statistics" target="_blank">oracle 11g新特性:Pending Statistics</a>
<span class="text-muted">daizj</span>
<a class="tag" taget="_blank" href="/search/oracle/1.htm">oracle</a><a class="tag" taget="_blank" href="/search/dbms_stats/1.htm">dbms_stats</a>
<div>oracle 11g新特性:Pending Statistics 转
从11g开始,表与索引的统计信息收集完毕后,可以选择收集的统信息立即发布,也可以选择使新收集的统计信息处于pending状态,待确定处于pending状态的统计信息是安全的,再使处于pending状态的统计信息发布,这样就会避免一些因为收集统计信息立即发布而导致SQL执行计划走错的灾难。
在 11g 之前的版本中,D</div>
</li>
<li><a href="/article/2514.htm"
title="快速理解RequireJs" target="_blank">快速理解RequireJs</a>
<span class="text-muted">dengkane</span>
<a class="tag" taget="_blank" href="/search/jquery/1.htm">jquery</a><a class="tag" taget="_blank" href="/search/requirejs/1.htm">requirejs</a>
<div>RequireJs已经流行很久了,我们在项目中也打算使用它。它提供了以下功能:
声明不同js文件之间的依赖
可以按需、并行、延时载入js库
可以让我们的代码以模块化的方式组织
初看起来并不复杂。 在html中引入requirejs
在HTML中,添加这样的 <script> 标签:
<script src="/path/to</div>
</li>
<li><a href="/article/2641.htm"
title="C语言学习四流程控制if条件选择、for循环和强制类型转换" target="_blank">C语言学习四流程控制if条件选择、for循环和强制类型转换</a>
<span class="text-muted">dcj3sjt126com</span>
<a class="tag" taget="_blank" href="/search/c/1.htm">c</a>
<div># include <stdio.h>
int main(void)
{
int i, j;
scanf("%d %d", &i, &j);
if (i > j)
printf("i大于j\n");
else
printf("i小于j\n");
retu</div>
</li>
<li><a href="/article/2768.htm"
title="dictionary的使用要注意" target="_blank">dictionary的使用要注意</a>
<span class="text-muted">dcj3sjt126com</span>
<a class="tag" taget="_blank" href="/search/IO/1.htm">IO</a>
<div>NSDictionary *dict = [NSDictionary dictionaryWithObjectsAndKeys:
user.user_id , @"id",
user.username , @"username",
</div>
</li>
<li><a href="/article/2895.htm"
title="Android 中的资源访问(Resource)" target="_blank">Android 中的资源访问(Resource)</a>
<span class="text-muted">finally_m</span>
<a class="tag" taget="_blank" href="/search/xml/1.htm">xml</a><a class="tag" taget="_blank" href="/search/android/1.htm">android</a><a class="tag" taget="_blank" href="/search/String/1.htm">String</a><a class="tag" taget="_blank" href="/search/drawable/1.htm">drawable</a><a class="tag" taget="_blank" href="/search/color/1.htm">color</a>
<div>
简单的说,Android中的资源是指非代码部分。例如,在我们的Android程序中要使用一些图片来设置界面,要使用一些音频文件来设置铃声,要使用一些动画来显示特效,要使用一些字符串来显示提示信息。那么,这些图片、音频、动画和字符串等叫做Android中的资源文件。
在Eclipse创建的工程中,我们可以看到res和assets两个文件夹,是用来保存资源文件的,在assets中保存的一般是原生</div>
</li>
<li><a href="/article/3022.htm"
title="Spring使用Cache、整合Ehcache" target="_blank">Spring使用Cache、整合Ehcache</a>
<span class="text-muted">234390216</span>
<a class="tag" taget="_blank" href="/search/spring/1.htm">spring</a><a class="tag" taget="_blank" href="/search/cache/1.htm">cache</a><a class="tag" taget="_blank" href="/search/ehcache/1.htm">ehcache</a><a class="tag" taget="_blank" href="/search/%40Cacheable/1.htm">@Cacheable</a>
<div>Spring使用Cache
从3.1开始,Spring引入了对Cache的支持。其使用方法和原理都类似于Spring对事务管理的支持。Spring Cache是作用在方法上的,其核心思想是这样的:当我们在调用一个缓存方法时会把该方法参数和返回结果作为一个键值对存放在缓存中,等到下次利用同样的</div>
</li>
<li><a href="/article/3149.htm"
title="当druid遇上oracle blob(clob)" target="_blank">当druid遇上oracle blob(clob)</a>
<span class="text-muted">jackyrong</span>
<a class="tag" taget="_blank" href="/search/oracle/1.htm">oracle</a>
<div>http://blog.csdn.net/renfufei/article/details/44887371
众所周知,Oracle有很多坑, 所以才有了去IOE。
在使用Druid做数据库连接池后,其实偶尔也会碰到小坑,这就是使用开源项目所必须去填平的。【如果使用不开源的产品,那就不是坑,而是陷阱了,你都不知道怎么去填坑】
用Druid连接池,通过JDBC往Oracle数据库的</div>
</li>
<li><a href="/article/3276.htm"
title="easyui datagrid pagination获得分页页码、总页数等信息" target="_blank">easyui datagrid pagination获得分页页码、总页数等信息</a>
<span class="text-muted">ldzyz007</span>
<div>var grid = $('#datagrid');
var options = grid.datagrid('getPager').data("pagination").options;
var curr = options.pageNumber;
var total = options.total;
var max =</div>
</li>
<li><a href="/article/3403.htm"
title="浅析awk里的数组" target="_blank">浅析awk里的数组</a>
<span class="text-muted">nigelzeng</span>
<a class="tag" taget="_blank" href="/search/%E4%BA%8C%E7%BB%B4%E6%95%B0%E7%BB%84/1.htm">二维数组</a><a class="tag" taget="_blank" href="/search/array/1.htm">array</a><a class="tag" taget="_blank" href="/search/%E6%95%B0%E7%BB%84/1.htm">数组</a><a class="tag" taget="_blank" href="/search/awk/1.htm">awk</a>
<div>awk绝对是文本处理中的神器,它本身也是一门编程语言,还有许多功能本人没有使用到。这篇文章就单单针对awk里的数组来进行讨论,如何利用数组来帮助完成文本分析。
有这么一组数据:
abcd,91#31#2012-12-31 11:24:00
case_a,136#19#2012-12-31 11:24:00
case_a,136#23#2012-12-31 1</div>
</li>
<li><a href="/article/3530.htm"
title="搭建 CentOS 6 服务器(6) - TigerVNC" target="_blank">搭建 CentOS 6 服务器(6) - TigerVNC</a>
<span class="text-muted">rensanning</span>
<a class="tag" taget="_blank" href="/search/centos/1.htm">centos</a>
<div>安装GNOME桌面环境
# yum groupinstall "X Window System" "Desktop"
安装TigerVNC
# yum -y install tigervnc-server tigervnc
启动VNC服务
# /etc/init.d/vncserver restart
# vncser</div>
</li>
<li><a href="/article/3657.htm"
title="Spring 数据库连接整理" target="_blank">Spring 数据库连接整理</a>
<span class="text-muted">tomcat_oracle</span>
<a class="tag" taget="_blank" href="/search/spring/1.htm">spring</a><a class="tag" taget="_blank" href="/search/bean/1.htm">bean</a><a class="tag" taget="_blank" href="/search/jdbc/1.htm">jdbc</a>
<div>1、数据库连接jdbc.properties配置详解 jdbc.url=jdbc:hsqldb:hsql://localhost/xdb jdbc.username=sa jdbc.password= jdbc.driver=不同的数据库厂商驱动,此处不一一列举 接下来,详细配置代码如下:
Spring连接池 </div>
</li>
<li><a href="/article/3784.htm"
title="Dom4J解析使用xpath java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常" target="_blank">Dom4J解析使用xpath java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常</a>
<span class="text-muted">xp9802</span>
<div>用Dom4J解析xml,以前没注意,今天使用dom4j包解析xml时在xpath使用处报错
异常栈:java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常
导入包 jaxen-1.1-beta-6.jar 解决;
&nb</div>
</li>
</ul>
</div>
</div>
</div>
<div>
<div class="container">
<div class="indexes">
<strong>按字母分类:</strong>
<a href="/tags/A/1.htm" target="_blank">A</a><a href="/tags/B/1.htm" target="_blank">B</a><a href="/tags/C/1.htm" target="_blank">C</a><a
href="/tags/D/1.htm" target="_blank">D</a><a href="/tags/E/1.htm" target="_blank">E</a><a href="/tags/F/1.htm" target="_blank">F</a><a
href="/tags/G/1.htm" target="_blank">G</a><a href="/tags/H/1.htm" target="_blank">H</a><a href="/tags/I/1.htm" target="_blank">I</a><a
href="/tags/J/1.htm" target="_blank">J</a><a href="/tags/K/1.htm" target="_blank">K</a><a href="/tags/L/1.htm" target="_blank">L</a><a
href="/tags/M/1.htm" target="_blank">M</a><a href="/tags/N/1.htm" target="_blank">N</a><a href="/tags/O/1.htm" target="_blank">O</a><a
href="/tags/P/1.htm" target="_blank">P</a><a href="/tags/Q/1.htm" target="_blank">Q</a><a href="/tags/R/1.htm" target="_blank">R</a><a
href="/tags/S/1.htm" target="_blank">S</a><a href="/tags/T/1.htm" target="_blank">T</a><a href="/tags/U/1.htm" target="_blank">U</a><a
href="/tags/V/1.htm" target="_blank">V</a><a href="/tags/W/1.htm" target="_blank">W</a><a href="/tags/X/1.htm" target="_blank">X</a><a
href="/tags/Y/1.htm" target="_blank">Y</a><a href="/tags/Z/1.htm" target="_blank">Z</a><a href="/tags/0/1.htm" target="_blank">其他</a>
</div>
</div>
</div>
<footer id="footer" class="mb30 mt30">
<div class="container">
<div class="footBglm">
<a target="_blank" href="/">首页</a> -
<a target="_blank" href="/custom/about.htm">关于我们</a> -
<a target="_blank" href="/search/Java/1.htm">站内搜索</a> -
<a target="_blank" href="/sitemap.txt">Sitemap</a> -
<a target="_blank" href="/custom/delete.htm">侵权投诉</a>
</div>
<div class="copyright">版权所有 IT知识库 CopyRight © 2000-2050 E-COM-NET.COM , All Rights Reserved.
<!-- <a href="https://beian.miit.gov.cn/" rel="nofollow" target="_blank">京ICP备09083238号</a><br>-->
</div>
</div>
</footer>
<!-- 代码高亮 -->
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shCore.js"></script>
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shLegacy.js"></script>
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shAutoloader.js"></script>
<link type="text/css" rel="stylesheet" href="/static/syntaxhighlighter/styles/shCoreDefault.css"/>
<script type="text/javascript" src="/static/syntaxhighlighter/src/my_start_1.js"></script>
</body>
</html>