Note: If you have missed my previous articles on Docker and Kubernetes, you can find them here.
Application deployment models evolution.
Getting started with Docker.
Docker file and images.
Publishing images to Docker Hub and re-using them
Docker- Find out what's going on
Docker Networking- Part 1
Docker Networking- Part 2
Docker Swarm-Multi-Host container Cluster
Docker Networking- Part 3 (Overlay Driver)
Introduction to Kubernetes
Kubernetes- Diving in (Part 1)
In Part 1, I gave an overview of the Kubernetes cluster and showed how to deploy a multinode cluster and run a deployment with multiple replicas. In this article, I am going to describe the service, which is another abstraction in Kubernetes.
A service is an external endpoint for a PoD. Users access the PoD using the service IP address. For instance, for a PoD/deployment with an httpd container, we have to create a service exposing port 80 to allow users to access the server. There are four basic service types in Kubernetes:
ClusterIP (Default): The default service created when you create a deployment. Nodes within a cluster can access the service with this IP, but external users cannot use this IP to access the service.
root@sathish-vm1:/home/sathish# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/my-web-79bff47dc8-56d6b 1/1 Running 0 35s
pod/my-web-79bff47dc8-94xmk 1/1 Running 0 12s
pod/my-web-79bff47dc8-dtbhf 0/1 ContainerCreating 0 12s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5m56s
From VM2
root@sathish-vm2:/home/sathish# wget https://10.96.0.1:443 --no-check-certificate
--2020-09-28 12:58:58-- https://10.96.0.1/
Connecting to 10.96.0.1:443... connected.
WARNING: cannot verify 10.96.0.1's certificate, issued by ‘CN=kubernetes’:
Unable to locally verify the issuer's authority.
NodePort: When a NodePort service is created, a port (a high port number) is allocated on each node of the cluster and maps to the service port (80/443 in the case of web). Users can access the service with the IP address of a node and the high port number.
LoadBalancer: This is typically used in cloud deployments; this service type is used to control an external load balancer provided by the cloud.
ExternalName: The service is mapped to a name with a DNS CNAME record.
To try services, I am going to create a deployment of my trusted friend, the Apache service, and scale it to 5 replicas.
root@sathish-vm1:/home/sathish# kubectl create deployment my-web --image=httpd --port=80
root@sathish-vm1:/home/sathish# kubectl scale deploy/my-web --replicas 5
deployment.apps/my-web scaled
root@sathish-vm1:/home/sathish# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-web-79bff47dc8-56d6b 1/1 Running 0 24m
my-web-79bff47dc8-94xmk 1/1 Running 0 23m
my-web-79bff47dc8-bqn95 1/1 Running 0 2m37s
my-web-79bff47dc8-gkj8m 1/1 Running 0 2m37s
my-web-79bff47dc8-s6gkr 1/1 Running 0 2m37s
Now I am going to create a NodePort service to allow access from external networks.
root@sathish-vm1:/home/sathish# kubectl expose deploy/my-web --port 80 --name externaccess --type NodePort
service/externaccess exposed
root@sathish-vm1:/home/sathish# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
externaccess NodePort 10.99.185.7 <none> 80:32300/TCP 88s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 96m
The high port number gets translated to port 80 on each PoD automatically. Now I am going to try accessing it with the PoD IP.
The NodePort is source-NATed to the interface IP address. By accessing http://<VMIP>:32300, I should be able to access the web server.
root@sathish-vm1:/home/sathish# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:15:5d:db:46:5a brd ff:ff:ff:ff:ff:ff
inet 172.28.147.44/28 brd 172.28.147.47 scope global eth0
root@sathish-vm1:/home/sathish# wget 172.28.147.44:32300
--2020-09-28 14:25:49-- http://172.28.147.44:32300/
Connecting to 172.28.147.44:32300... connected.
HTTP request sent, awaiting response... 200 OK
Length: 45 [text/html]
Saving to: ‘index.html.10’
index.html.10 100%[=================================================>] 45 --.-KB/s in 0s
2020-09-28 14:25:49 (8.94 MB/s) - ‘index.html.10’ saved [45/45]
Trying it from another PC, and bingo, it works!!
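Because a NodePort service opens its high port on every node, it helps to list exactly which ports the cluster now exposes to outside networks. The function below is an added example (not part of the original article): it parses the table printed by `kubectl get service` and prints each node-level endpoint. The names `nodeport_endpoints` and `sample_services` and the `demo-multi` row are assumptions made for the illustration.

```shell
#!/usr/bin/env bash
# Added example: list every port that services open on the cluster nodes,
# by parsing the table printed by `kubectl get service`.

# nodeport_endpoints NODE_IP
#   stdin : output of `kubectl get service` (header line included)
#   stdout: one line per exposed port: NAME NODE_IP:NODEPORT/PROTO -> SERVICE_PORT
nodeport_endpoints() {
  awk -v ip="$1" '
    NR == 1 { next }                                    # skip the header row
    $2 != "NodePort" && $2 != "LoadBalancer" { next }   # other types open no node port
    {
      n = split($5, maps, ",")          # PORT(S) may hold several mappings
      for (i = 1; i <= n; i++) {
        split(maps[i], pp, "/")         # "80:32300/TCP" -> "80:32300" and "TCP"
        if (split(pp[1], ports, ":") == 2)
          printf "%s %s:%s/%s -> %s\n", $1, ip, ports[2], pp[2], ports[1]
      }
    }'
}

# Service table from the article, plus one constructed multi-port row (demo-multi).
sample_services() {
  cat <<'EOF'
NAME           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)                      AGE
externaccess   NodePort    10.99.185.7   <none>        80:32300/TCP                 88s
kubernetes     ClusterIP   10.96.0.1     <none>        443/TCP                      96m
demo-multi     NodePort    10.99.0.20    <none>        80:30080/TCP,443:30443/TCP   5m
EOF
}

# Run against the sample; on a live cluster, pipe `kubectl get service` in instead.
sample_services | nodeport_endpoints 172.28.147.44
```

The column positions assume the default single-namespace table; with `--all-namespaces` an extra NAMESPACE column shifts every field by one.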
Hope this was helpful. Have a fantastic week!!