近日,阿里云Serverless Kubernetes服务基于ECI推出pod挂载弹性公网EIP功能,此功能使某些serverless容器应用的部署和服务访问变得更加简单和便利。
- 无需创建VPC NAT网关即可让单个pod访问公网
- 无需创建service也可让单个pod暴露公网服务
目前Serverless Kubernetes支持两种方法挂载EIP,支持自动分配EIP,或者指定EIP实例进行绑定。
方法一:自动分配弹性公网EIP
通过指定Annonation "k8s.aliyun.com/eci-with-eip"为"true",serverless kubernetes服务会自动为此pod分配一个eip,并且绑定到pod上。
示例:
#cat nginx-enable-eip-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
annotations:
"k8s.aliyun.com/eci-with-eip": "true"
spec:
containers:
- image: registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
imagePullPolicy: Always
name: nginx
ports:
- containerPort: 80
name: http
protocol: TCP
restartPolicy: OnFailure
AI 代码解读
创建pod:
#kubectl apply -f nginx-enable-eip-pod.yaml
pod "nginx" created
#kubectl get pod
nginx 1/1 Running 0 20s
AI 代码解读
查看pod的ip地址:
# kubectl describe pod
Name: nginx
Namespace: default
Node: viking-c7d16b6c584544f65bfa4eba3a8b04d63/
Start Time: Mon, 07 Jan 2019 13:19:47 +0800
Labels: <none>
Annotations: k8s.aliyun.com/allocated-eipAddress=47.96.67.132
k8s.aliyun.com/allocated-eipInstanceId=eip-bp1wtbt7vp18tgu5g7rb2
k8s.aliyun.com/eci-with-eip=true
kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"k8s.aliyun.com/enable-eip":"true"},"name":"nginx","namespace":"default"},"spec":{"container...
kubernetes.io/limit-ranger=LimitRanger plugin set: cpu, memory request for container nginx
Status: Running
IP: 10.1.89.103
Containers:
nginx:
Container ID: eci://779380281b08b325b4b7a1b66c4cb9e706985b25cde0c36345af93a308745b95
Image: registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
Image ID:
Port: 80/TCP
State: Running
Started: Mon, 07 Jan 2019 13:19:47 +0800
Ready: True
Restart Count: 0
Requests:
cpu: 1
memory: 2Gi
Environment: <none>
...
# kubectl describe pod|grep allocated-eipAddress
Annotations: k8s.aliyun.com/allocated-eipAddress=47.96.67.132
AI 代码解读
我们可以看到在pod的Annotations中显示了已分配的eip,通过此eip可直接访问pod。
# curl 47.96.67.132
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
AI 代码解读
因为此方式中eip为动态分配,其生命周期与pod相同,当pod被删除时,动态分配的eip也会被一同删除。
我们也可以通过Annotation “k8s.aliyun.com/eip-bandwidth”指定eip的带宽,默认值为5,单位为M。
请注意,如果您创建的是deployment,那么deployment中的每一个pod都将会被挂载不同的eip,请谨慎使用此操作。
方法二:指定弹性公网IP实例id
首先用户需要在eip控制台购买弹性公网eip。
通过指定pod的Annonation "k8s.aliyun.com/eci-eip-instanceid"为eip实例id,如下:
# cat nginx-eipid-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
annotations:
"k8s.aliyun.com/eci-eip-instanceid": "eip-bp19trewkig3i9pnek99i"
spec:
containers:
- image: registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
imagePullPolicy: Always
name: nginx
ports:
- containerPort: 80
name: http
protocol: TCP
restartPolicy: OnFailure
AI 代码解读
创建pod
# kubectl apply -f nginx-eipid-pod.yaml
pod "nginx" created
# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 20s
AI 代码解读
通过eip访问pod:
# curl 47.111.20.92
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
...
AI 代码解读
此种方式种当pod被删除时,pod和eip解除绑定。pod重新创建时eip则会重新被绑定。
快速试用Serverless Kubernetes
欢迎登录容器服务控制台,公测期间免费使用,https://cs.console.aliyun.com/#/k8s
如在使用中有任何问题,欢迎扫码加入Serverless K8s钉钉群进行讨论
