kubernetes可以将流量路由到特定的pod吗?

ngynwnxp  于 12个月前  发布在  Kubernetes
关注(0)|答案(1)|浏览(83)

我有两个Pod(主Pod和备用Pod)部署到AWS EKS。来自服务的流量调用只能路由到主Pod吗?我知道部署可以使用就绪探测器使Pod处于未就绪状态,但我仍然需要备用Pod可访问。这是另一种解决方案吗?
准备就绪探测器解决方案,但不期望

byqmnocz

byqmnocz1#

您可以使用k8s-await-election,它利用Kubernetes内置的leader election功能来协调在不同Pod中运行的命令。它充当看门人,只有当Pod成为leader时才启动命令。
k8s-await-election拥有告诉Kubernetes哪个pod应该接收流量所需的所有信息。这可以解决上述问题,但代价是不可用的就绪探测器。
以下是使用httpd图像的完整示例:

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: k8s-await
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: get-leases
rules:
- apiGroups: [ "" ]
  resources: [ "endpoints" ]
  verbs: [ "get", "watch", "list", "create", "update" ]
- apiGroups: [ "coordination.k8s.io" ]
  resources: [ "leases" ]
  verbs: [ "get", "watch", "list", "create", "update" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: get-leases
subjects:
- kind: ServiceAccount
  name: k8s-await
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: get-leases
---
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  clusterIP: ""
  ports:
    - name: http
      port: 80
      protocol: TCP
  # NOTE: No selector here! A selector would automatically add all matching and ready pods to the endpoint
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-server-with-replicas
spec:
  replicas: 2
  selector:
    matchLabels:
      app: httpbin
  template:
    metadata:
      labels:
        app: httpbin
    spec:
      serviceAccountName: k8s-await
      volumes:
      - name: shared-binary
        emptyDir: {}
      initContainers:
      - name: get-binary
        image: alpine
        command:
        - '/bin/sh'
        - '-c'
        - 'wget https://github.com/LINBIT/k8s-await-election/releases/download/v0.2.3/k8s-await-election-v0.2.3-linux-amd64.tar.gz -O - | tar -xz'
        workingDir: /tmp/utils
        volumeMounts:
        - name: shared-binary
          mountPath: /tmp/utils
      containers:
      - name: httpbin
        image: kennethreitz/httpbin
        ports:
        - containerPort: 80
          name: http
        command:
        - /tmp/utils/k8s-await-election
        args: [ "gunicorn", "-b", "0.0.0.0:80", "httpbin:app", "-k", "gevent" ]
        env:
        - name: K8S_AWAIT_ELECTION_ENABLED
          value: "1"
        - name: K8S_AWAIT_ELECTION_NAME
          value: my-server
        - name: K8S_AWAIT_ELECTION_LOCK_NAME
          value: my-server
        - name: K8S_AWAIT_ELECTION_LOCK_NAMESPACE
          value: default
        - name: K8S_AWAIT_ELECTION_IDENTITY
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: K8S_AWAIT_ELECTION_STATUS_ENDPOINT
          value: :9999
        - name: K8S_AWAIT_ELECTION_SERVICE_NAME
          value: my-service
        - name: K8S_AWAIT_ELECTION_SERVICE_NAMESPACE
          value: default
        - name: K8S_AWAIT_ELECTION_SERVICE_PORTS_JSON
          value: '[{"name":"http","port":80}]'
        - name: K8S_AWAIT_ELECTION_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: K8S_AWAIT_ELECTION_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        volumeMounts:
        - name: shared-binary
          mountPath: /tmp/utils
---

字符串
然后检查有多少个pod,哪一个是领导者:

$ kubectl get pod
NAME                                       READY   STATUS    RESTARTS   AGE
my-server-with-replicas-59c7985c96-7j9m4   1/1     Running   0          49s
my-server-with-replicas-59c7985c96-fpnjj   1/1     Running   0          49s


日志会显示

$kubectl logs my-server-with-replicas-59c7985c96-fpnjj 
Defaulted container "httpbin" out of: httpbin, get-binary (init)
time="2023-12-30T11:43:39Z" level=info msg="running k8s-await-election" version=refs/tags/v0.2.3
I1230 11:43:39.439505       1 leaderelection.go:242] attempting to acquire leader lease  default/my-server...
time="2023-12-30T11:43:39Z" level=info msg="long live our new leader: 'my-server-with-replicas-59c7985c96-7j9m4'!"


这是一个从您的服务接收流量的副本

相关问题