我正在部署以下有狀態集,包括兩種不同的服務。一項用於叢集存取 Pod 的服務 ( crdb-service.yaml),一項服務用於 Pod 的內部通訊 ( crdb.yaml)。
crdb-service.yaml
apiVersion: v1
kind: Service
metadata:
name: crdb-service
labels:
app: crdb
spec:
ports:
- port: 26257
targetPort: 26257
name: grpc
- port: 80
targetPort: 8080
name: http
selector:
app: crdb
crdb.yaml
apiVersion: v1
kind: Service
metadata:
name: crdb
labels:
app: crdb
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
prometheus.io/scrape: "true"
prometheus.io/path: "_status/vars"
prometheus.io/port: "8080"
spec:
ports:
- port: 26257
targetPort: 26257
name: grpc
- port: 8080
targetPort: 8080
name: http
publishNotReadyAddresses: true
clusterIP: None
selector:
app: crdb
statefulset.yaml
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: crdb
labels:
app: crdb
spec:
serviceName: "crdb"
replicas: 5
template:
metadata:
labels:
app: crdb
spec:
serviceAccountName: crdb
containers:
- name: crdb
image: cockroachdb/cockroach:v19.1.2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 26257
name: grpc
- containerPort: 8080
name: http
livenessProbe:
httpGet:
path: "/health"
port: http
scheme: HTTPS
initialDelaySeconds: 30
periodSeconds: 5
readinessProbe:
httpGet:
path: "/health?ready=1"
port: http
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 5
failureThreshold: 2
volumeMounts:
- name: datadir
mountPath: /cockroach/cockroach-data
- name: certs
mountPath: /cockroach/cockroach-certs
env:
- name: STATEFULSET_NAME
value: "crdb"
- name: STATEFULSET_FQDN
value: "crdb.default.svc.cluster.local"
- name: COCKROACH_CHANNEL
value: kubernetes-secure
command:
- "/bin/bash"
- "-ecx"
- "exec /cockroach/cockroach start --logtostderr --certs-dir /cockroach/cockroach-certs --advertise-host $(hostname -f) --http-host 0.0.0.0 --join crdb-0.crdb,crdb-1.crdb,crdb-2.crdb,crdb-3.crdb,crdb-4.crdb --cache 25% --max-sql-memory 25%"
terminationGracePeriodSeconds: 60
volumes:
- name: datadir
persistentVolumeClaim:
claimName: datadir
- name: certs
emptyDir: {}
podManagementPolicy: Parallel
updateStrategy:
type: RollingUpdate
volumeClaimTemplates:
- metadata:
name: datadir
spec:
accessModes:
- "ReadWriteOnce"
storageClassName: local-crdb-space
resources:
requests:
storage: 1800Gi
現在我檢查已部署的服務:
$ kubectl describe service crdb
Name: crdb
Namespace: default
Labels: app=crdb
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"prometheus.io/path":"_status/vars","prometheus.io/port":"8080","prometheus.io/scrape":"...
prometheus.io/path=_status/vars
prometheus.io/port=8080
prometheus.io/scrape=true
service.alpha.kubernetes.io/tolerate-unready-endpoints=true
Selector: app=crdb
Type: ClusterIP
IP: None
Port: grpc 26257/TCP
TargetPort: 26257/TCP
Endpoints: 10.244.10.24:26257,10.244.2.23:26257,10.244.3.18:26257 + 2 more...
Port: http 8080/TCP
TargetPort: 8080/TCP
Endpoints: 10.244.10.24:8080,10.244.2.23:8080,10.244.3.18:8080 + 2 more...
Session Affinity: None
Events: <none>
$ kubectl describe service crdb-service
Name: crdb-service
Namespace: default
Labels: app=crdb
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"crdb"},"name":"crdb-service","namespace":"default"},"spec":{"ports":[...
Selector: app=crdb
Type: ClusterIP
IP: 10.100.71.172
Port: grpc 26257/TCP
TargetPort: 26257/TCP
Endpoints:
Port: http 80/TCP
TargetPort: 8080/TCP
Endpoints:
Session Affinity: None
Events: <none>
儘管具有完全相同的標籤選擇器,但叢集服務的端點欄位為空。檢查https://github.com/kubernetes/kubernetes/issues/11795 https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service並沒有找出原因。
一些可能與當前問題相關的附加資訊。我已將叢集從 1.13 -> 1.14 -> 1.15 更新。 Pod 運行在最近新增到叢集的節點上。之前,對於部署在新節點上的 Pod 存在網路問題(由於 dns 失敗而無法訪問,透過net.ipv4.ip_forward = 1在新節點上設定解決了這個問題)
我怎樣才能獲得識別 Pod 的服務?
答案1
NVM,浪費了2小時。它只是publishNotReadyAddresses: true需要添加到服務中以便 pod 在啟動時發布其 IP 的欄位。