一、首先说headless Service和普通Service的区别
headless不分配clusterIP
headless service下的Pod有DNS地址,可以通过Pod的DNS地址解析到Pod的IP地址
普通的service下的Pod没有DNS,只能通过svc的DNS解析到svc的clusterIP

Service的ClusterIP工作原理:一个service可能对应一组endpoints(所有pod的地址+端口),client访问ClusterIP,通过iptables或者ipvs转发到Real Server(Pod),具体操作如下

[[email protected] ~]# kubectl get svc -n ms #获取所有svc,看到gateway这个service的clusterIP是10.0.0.14 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE eureka ClusterIP None <none> 8888/TCP 21h gateway ClusterIP 10.0.0.14 <none> 9999/TCP 20h mysql-production ClusterIP 10.0.0.251 <none> 3306/TCP 23h portal ClusterIP 10.0.0.124 <none> 8080/TCP 17h
[[email protected] ~]# kubectl describe svc gateway -n ms #看到gateway这个service的具体信息 Name: gateway Namespace: ms Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"gateway","namespace":"ms"},"spec":{"ports":[{"name":"gateway","po... Selector: app=gateway,project=ms Type: ClusterIP IP: 10.0.0.14 Port: gateway 9999/TCP TargetPort: 9999/TCP Endpoints: 10.244.1.212:9999 #该service下的Pod地址 Session Affinity: None Events: <none>

[[email protected] ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh #进入一个容器测试解析 / # nslookup gateway.ms.svc.cluster.local #测试解析gateway这个service的DNS nslookup: can‘t resolve ‘(null)‘: Name does not resolve Name: gateway.ms.svc.cluster.local Address 1: 10.0.0.14 gateway.ms.svc.cluster.local #这个结果就是gateway这个service的ClusterIP

从上面的结果能看到,虽然Service有1个endpoint,但是DNS查询时只会返回Service的ClusterIP地址,具体Client访问的是哪个real server,由iptables或者ipvs决定

下面来看看headless Service的结果

[[email protected] ~]# kubectl get svc -n ms #查看所有SVC,看到eureka的这个headless service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE eureka ClusterIP None <none> 8888/TCP 21h gateway ClusterIP 10.0.0.14 <none> 9999/TCP 20h mysql-production ClusterIP 10.0.0.251 <none> 3306/TCP 23h portal ClusterIP 10.0.0.124 <none> 8080/TCP 18h [[email protected] ~]# kubectl describe svc eureka -n ms #看到eureka的这个headless service下面的endpoints Name: eureka Namespace: ms Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"eureka","namespace":"ms"},"spec":{"clusterIP":"None","ports":[{"n... Selector: app=eureka,project=ms Type: ClusterIP IP: None Port: eureka 8888/TCP TargetPort: 8888/TCP Endpoints: 10.244.1.210:8888,10.244.1.211:8888,10.244.2.45:8888 Session Affinity: None Events: <none> [[email protected] ~]# kubectl exec -it gateway-6cd76c98fb-8w92t -n ms sh #进入容器测试解析 / # nslookup eureka.ms.svc.cluster.local #通过解析eureka这个headless service的DNS地址,可以看到关联的具体endpoints信息 nslookup: can‘t resolve ‘(null)‘: Name does not resolve Name: eureka.ms.svc.cluster.local Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local Address 2: 10.244.1.210 eureka-0.eureka.ms.svc.cluster.local Address 3: 10.244.2.45 eureka-1.eureka.ms.svc.cluster.local

/ # nslookup eureka-2.eureka.ms.svc.cluster.local  #解析pod的DNS记录,也能返回Pod的IP
  nslookup: can‘t resolve ‘(null)‘: Name does not resolve

Name: eureka-2.eureka.ms.svc.cluster.local
  Address 1: 10.244.1.211 eureka-2.eureka.ms.svc.cluster.local