时间戳

首页 > 解决方案 > Kubernetes deploy a single NodePort for two deployments in different namespaces

kubernetes - Kubernetes deploy a single NodePort for two deployments in different namespaces

问题描述

I have to deploy on my kubernetes cluster two deployments that use the same service for communicate but the two deployments are located into two differents namespaces:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: app1
  namespace: namespace1
  labels:
    app: app1
spec:
  replicas: 2
  selector:
    matchLabels:
      app: app1
  template:
    metadata:
      labels:
        app: app1
    spec:
      containers:
        - name: app1
          image: eu.gcr.io/direct-variety-20998876/test1:dev
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"
          ports:
            - containerPort: 8000
          imagePullPolicy: Always
          env:
              ...

and an identical second but in another amespace:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: app2
  namespace: namespace2
  labels:
    app: app2
spec:
  replicas: 2
  selector:
    matchLabels:
      app: app2
  template:
    metadata:
      labels:
        app: app2
    spec:
      containers:
        - name: app2
          image: eu.gcr.io/direct-variety-20998876/test1:prod
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"
          ports:
            - containerPort: 8000
          imagePullPolicy: Always
          env:
              ...

so i have to create a common service for bot deployment that run over the two namespaces: I try:

kind: Service
apiVersion: v1
metadata:
  name: apps-service
  namespace: ???
spec:
  selector:
    app: ???
  ports:
  - protocol: TCP
    port: 8000
    targetPort: 8000
  type: NodePort

Until now i create one service for any app in specific namespace but there is a method for create a single service for manage both deployment (and then associate an unique ingress)?

So many thanks in advance

标签: kuberneteskubernetes-servicekubernetes-deployment

解决方案

首先,我想提供一些一般性的解释。正如我们在Ingress 文档中看到的:

您必须有一个 Ingress 控制器才能满足 Ingress。仅创建 Ingress 资源没有任何效果。

Ingress Controller可以部署在任何命名空间中,并且通常部署在与应用程序命名空间分开的命名空间中。

入口资源(入口规则)应部署在与它们指向的服务相同的命名空间中。

可以为多个入口资源使用一个入口控制器。

将资源部署在与它指向Ingress的相同命名空间中是最常见的方法(我推荐这种方法)。Services但是,有一种方法可以Ingress在一个命名空间和Services另一个命名空间中使用externalName服务。

我将创建一个示例来说明它是如何工作的。

假设,我有两个Deployments( app1, app2) 部署在两个不同的Namespaces( namespace1, namespace2) 中:

$ cat app1.yml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: app1
  name: app1
  namespace: namespace1
spec:
  selector:
    matchLabels:
      app: app1
  template:
    metadata:
      labels:
        app: app1
    spec:
      containers:
      - image: nginx
        name: nginx
    
$ cat app2.yml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: app2
  name: app2
  namespace: namespace2
spec:
  selector:
    matchLabels:
      app: app2
  template:
    metadata:
      labels:
        app: app2
    spec:
      containers:
      - image: nginx
        name: nginx

我暴露Deployments了这些ClusterIP Services

$ cat svc-app1.yml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: app1
  name: app1
  namespace: namespace1
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: app1
    
$ cat svc-app2.yml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: app2
  name: app2
  namespace: namespace2
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: app2

Ingress我们希望在单独的Namespace( default)中拥有单个资源。首先,我们需要部署将服务映射到 DNS 名称的 ExternalName 类型的服务。

$ cat external-app1.yml
kind: Service
apiVersion: v1
metadata:
  name: external-app1
spec:
  type: ExternalName
  externalName: app1.namespace1.svc
  
$ cat external-app2.yml
kind: Service
apiVersion: v1
metadata:
  name: external-app2
spec:
  type: ExternalName
  externalName: app2.namespace2.svc

然后我们可以部署 Ingress 资源:

$ cat ingress.yml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /
  name: app-ingress
spec:
  rules:
    - http:
        paths:
          - path: /app1
            backend:
              serviceName: external-app1
              servicePort: 80
          - path: /app2
            backend:
              serviceName: external-app2
              servicePort: 80
              
$ kubectl apply -f ingress.yml
ingress.networking.k8s.io/app-ingress created

最后,我们可以检查它是否按预期工作:

$ curl 34.118.X.207/app1
app1
$ curl 34.118.X.207/app2
app2

注意:这是一种解决方法,并且可能对不同的入口控制器有不同的工作方式。通常最好在不同的命名空间中有两个或多个 Ingress 资源。

推荐阅读