type为ClusterIP时,ports中不应该出现nodePort。
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: my-app #对应pod中标签
ports:
- protocol: TCP
port: 80
targetPort: 8080
nodePort: 30088
type: NodePort #访问模式:ClusterIP、NodePort
(1)Port(服务端口):这是Kubernetes Service的主要端口,用于定义集群内部的服务访问。它指定了Service监听的端口号,当集群内的Pod需要访问该Service时,会通过这个端口进行通信。
(2)TargetPort(目标端口):这个字段用于指定Service所转发的目标端口。当集群内的Pod访问SVC时,流量会被转发到目标Pod的TargetPort上。TargetPort通常与后端Pod的容器端口一致,通过Dockerfile中的EXPOSE指令来指定。
(3)NodePort(节点端口):这个字段用于定义Service在集群外部可访问的端口。通过NodePort,外部机器可以通过指定的节点端口来访问Service,实现跨节点的服务通信。NodePort是可选的,如果不指定,则默认情况下,Kubernetes会自动分配一个可用的端口。
包含常用的字段。
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
spec:
replicas: 3
selector:
matchLabels:
app: my-app #对应pod中标签
template:
metadata:
labels:
app: my-app #pod中标签
spec:
containers:
- name: my-container
image: my-image:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
env:
- name: ENV_VAR1
value: value1
- name: ENV_VAR2
value: value2
resources:
limits:
cpu: "1"
memory: "1Gi"
requests:
cpu: "500m"
memory: "512Mi"
volumeMounts:
- name: dfs-volume
mountPath: /dfs
- name: configmap-volume
mountPath: /config
- name: hostpath-volume
mountPath: /host
volumes:
- name: dfs-volume
persistentVolumeClaim:
claimName: dfs-pvc
- name: configmap-volume
configMap:
name: my-configmap
- name: hostpath-volume
hostPath:
path: /host
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 10
periodSeconds: 5
Ingress将允许外部流量通过Ingress Controller访问集群内部的Service。请确保已经安装和配置了Ingress Controller,以便正确处理Ingress规则。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress
spec:
rules:
- host: my-domain.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-service
port:
number: 80
apiVersion: v1
kind: ConfigMap
metadata:
name: my-configmap
data:
key1: value1
key2: value2
apiVersion: v1
kind: Secret
metadata:
name: my-secret
type: Opaque
data:
username: dXNlcm5hbWU=
password: cGFzc3dvcmQ=
StatefulSet资源在创建时需要预先定义持久化存储和网络配置等其他配置。
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: my-statefulset
spec:
serviceName: my-service
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: my-image:latest
ports:
- containerPort: 8080
volumeMounts:
- name: data-volume
mountPath: /data
volumeClaimTemplates:
- metadata:
name: data-volume
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 1Gi
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: my-daemonset
spec:
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: my-image:latest
ports:
- containerPort: 8080
apiVersion: v1
kind: Namespace
metadata:
name: my-namespace