using a client-side load-balancing library + Headless Services Headless services are to us what ClusterIP services are to common people! However, our KubeDNS was not happy at all with the SRV requests headless services worse. Conclusion: We stopped using headless services and gradually migrated to ClusterIP services ## Adopting Istio ## The hell of migrating hundreds of services - Services are immutable for each service migration, we need to: Write the ClusterIP service equivalent ☐ Make sure Istio-enabled callers update their config with the ClusterIP service ☐ Keep a double standard during migration

echo-b-host-67446447f7-chvsp 1/1 Running 0 4m50s host-to-b-multi-node-clusterip-78f9869d75-l8cf8 1/1 Running 0 4m50s host-to-b-multi-node-headless-798949bd5f-vvfff pod-to-b-intra-node-845f955cdc-5nfrt 1/1 Running 0 4m49s pod-to-b-multi-node-clusterip-666594b445-bsn4j 1/1 Running 0 4m49s pod-to-b-multi-node-headless-746f84dff5-prk4w echo-b-host-67446447f7-chvsp 1/1 Running 0 4m50s host-to-b-multi-node-clusterip-78f9869d75-l8cf8 1/1 Running 0 4m50s host-to-b-multi-node-headless-798949bd5f-vvfff

echo-b-host-6b7fc94b7c-xtsff 1/1 Running 0 66s host-to-b-multi-node-clusterip-85476cd779-bpg4b 1/1 Running 0 66s host-to-b-multi-node-headless-dc6c44cb5-8jdz8 pod-to-b-intra-node-nodeport-9b487cf89-6ptrt 1/1 Running 0 65s pod-to-b-multi-node-clusterip-7db5dfdcf7-jkjpw 1/1 Running 0 66s pod-to-b-multi-node-headless-7d44b85d69-mtscc echo-b-host-6b7fc94b7c-xtsff 1/1 Running 0 66s host-to-b-multi-node-clusterip-85476cd779-bpg4b 1/1 Running 0 66s host-to-b-multi-node-headless-dc6c44cb5-8jdz8

userservice.default.svc.cluster.local -> 10.254.162.44 1. 服务部署 - ServiceType=ClusterIP - ServiceName=userservice - ClusterIP=10.254.162.44 - Domain=userservice.default.svc.cluster.local ## I stio options中的 original dest 获取ClusterIP 根据ClusterIP从 VirtualHost 中匹配Rule规则，得到转发目标地址 Sidecar 5. iptables拦截到10.254.162.44的请求 转发到localhost，打到Sidecar 在TCP options将ClusterIP保存为original dest 7. 请求转发给对端 cluster.local -> 10.254.162.44 Pod IP=192.168.1.103 1. 服务部署 - ServiceType=ClusterIP - ServiceName=userservice - ClusterIP=10.254.162.44 - Domain=userservice.default.svc.cluster.local ## SOFAMesh 的DNS寻址

echo-b-host-f86bd784d-wnh4v 1/1 Running 0 68s host-to-b-multi-node-clusterip-585db65b4d-x74nz 1/1 Running 0 68s host-to-b-multi-node-headless-77c64bc7d8-kgf8p pod-to-b-intra-node-nodeport-8484fb6d89-bwj8q 1/1 Running 0 68s pod-to-b-multi-node-clusterip-f7655dbc8-h5bwk 1/1 Running 0 68s pod-to-b-multi-node-headless-5fd98b9648-5bjj8 echo-b-host-f86bd784d-wnh4v 1/1 Running 0 68s host-to-b-multi-node-clusterip-585db65b4d-x74nz 1/1 Running 0 68s host-to-b-multi-node-headless-77c64bc7d8-kgf8p

spec: type: ClusterIP ports: - port: 9999 targetPort: 9999 protocol: TCP name: http selector: {{- include "influxdb.selectorLabels". | nindent 4 }} spec: type: ClusterIP sessionAffinity: sessionAffinity: None clusterIP: None ports: - port: 9999 targetPort: 9999 protocol: TCP name: http selector: {{-include "influxdb.selectorLabels".|nindent4}} vi influxdb2/templates/statefulset # - ALL # readOnlyRootFilesystem:true # runAsNonRoot:true # runAsUser:1000 service: type: ClusterIP port:8888 ingress: enabled:false annotations:{} # kubernetes.io/ingress.class:nginx # kubernetes

echo-b-host-6b7fc94b7c-xtsff 1/1 Running 0 66s host-to-b-multi-node-clusterip-85476cd779-bpg4b 1/1 Running 0 66s host-to-b-multi-node-headless-dc6c44cb5-8jdz8 pod-to-b-intra-node-nodeport-9b487cf89-6ptrt 1/1 Running 0 65s pod-to-b-multi-node-clusterip-7db5dfdcf7-jkjpw 1/1 Running 0 66s pod-to-b-multi-node-headless-7d44b85d69-mtscc echo-b-host-6b7fc94b7c-xtsff 1/1 Running 0 66s host-to-b-multi-node-clusterip-85476cd779-bpg4b 1/1 Running 0 66s host-to-b-multi-node-headless-dc6c44cb5-8jdz8

58. oc create service clusterip 创建 ClusterIP 服务。 ## 用法示例 # Create a new ClusterIP service named my-cs oc create service clusterip my-cs --tcp=5678:8080 # Create a new ClusterIP service named my-cs (in (in headless mode) oc create service clusterip my-cs --clusterip="None" ###### 2.5.1.59. oc create service externalname 创建 ExternalName 服务。 ## 用法示例 # Create a new ExternalName service named services # Observe changes to services, including the clusterIP and invoke a script for each oc observe services --template '{.spec.clusterIP}' -- register_dns.sh # Observe changes to services

Running066shost-to-b-multi-node-clusterip-85476cd779-bpg4b1/1Running066sRunning065spod-to-b-multi-node-clusterip-7db5dfdcf7-jkjpw1/1Running066sRunning066shost-to-b-multi-node-clusterip-85476cd779-bpg4b1/1Running066s

网络类型。 首云支持ClusterIp ClusterIp 是 Kubernetes 中默认的服务类型 （ServiceType），选择此种类型，对应的 Service 将被分配一个集群内部的 IP 地址，只能在集群内部被访问。 ## NodePort 在每台 Node 的固定端口上暴露服务，选择 NodePort 的服务类型，集群会自动创建一个 ClusterIp 类型的服务，负责处理 Node 类型：选择服务类型，即服务访问的方式。包括： - ClusterIP：指通过集群的内部 IP 暴露服务，选择该值，服务只能够在集群内部可以访问，这也是默认的 ServiceType。 NodePort：通过每个 Node 上的 IP 和静态端口（NodePort）暴露服务。NodePort 服务会路由到 ClusterIP 服务，这个 ClusterIP 服务会自动创建。通过请求 ： provider: kubernetesClusterIP2020-03-23 15:28:4610.96.0.16443443编辑 移除应用hello-ClusterIP2020-03-27 12:46:2710