如何找出Kubernetes中可用的端口? [英] How can I find out which ports are available in Kubernetes?

问题描述

我想在kubernetes集群的不同端口上运行多个服务，并且我想知道如何检查哪些端口可用，并且不会与我的服务引起任何冲突.我还想知道每个端口上的服务的名称，以便可以更好地了解我的配置.

解决方案

我想说的是，您需要了解一下您的Pod(您的多项服务)如何使k8s集群进出流量.

服务网络

在那之后，据我所知，您的意思是您想问我们如何管理NodePorts

NodePorts

作为提供的文件:

如果将类型字段设置为NodePort，则Kubernetes控制平面 从--service-node-port-range指定的范围内分配端口 标志(默认值:30000-32767).每个节点代理该端口(相同 每个节点上的端口号)插入您的服务.您的服务报告 在其.spec.ports[*].nodePort字段中分配的端口.

所以k8已经为您管理了NodePorts:

• 配置是集群级别的，因此您无需关心工作负载节点之间的冲突.

• 如果您未指定NodePort，则k8s集群将在上述范围内生成一个端口并将其映射到您的服务(该端口将指向您的Pod-您的应用)

• 您无法在1个k8s集群中指定相同的NodePort，因此您无需关心与服务的冲突.

• 还有1件事，您可以使用下面的kubectl命令显示您的所有svc以及NodePort正在与其映射的详细信息: kubectl get svc --all-namespaces 或者，您可以将k8s-dashboard安装到k8s-cluster中，并检查应用程序的每个名称空间，以查看和管理服务和NodePort.

您需要关心的另一件事是控制VPC中的流量(如果您使用云解决方案) iptable是在UNIX计算机上管理流量的低级概念. 但是，为了获得概念，您只需要知道为什么以及如何管理流量即可:

• VPC网络(GCP)上的防火墙规则
• VPC(AWS)上的安全组

I want to run several services on different ports in a kubernetes cluster and I would like to know how to check which ports are available and wouldn't cause any conflicts with my services. I would also like to know the names of the services on each port so I can understand my configuration better.

解决方案

I want to say that you need to get the concept how your pods (your several services) can get traffic in and out your k8s-cluster.

Service Networking

After that, as i understand your mean is that you want to ask how we can manage NodePorts

NodePorts

As the documents provided:

If you set the type field to NodePort, the Kubernetes control plane allocates a port from a range specified by --service-node-port-range flag (default: 30000-32767). Each node proxies that port (the same port number on every Node) into your Service. Your Service reports the allocated port in its .spec.ports[*].nodePort field.

So the k8s already managed the NodePorts for you:

• Configuration is cluster level, so you dont need to care the conflict between workload nodes.

• If you do not specify NodePort, k8s cluster will generate a Port in above range and map it to your service (which will point into your pods - your apps)

• You can not specify the same NodePort in 1 k8s-cluster, so you do not need to care about conflicts with your services.

• And 1 more thing, you can use below kubectl command to show all your svc and details which NodePort is mapping with them: kubectl get svc --all-namespaces Or you can install k8s-dashboard into your k8s-cluster and check every single namespace of your application to see and manage your service and NodePorts.

And another thing you need to care about is controlling your traffic in your VPC (if you use cloud solution) The low level concepts to manage traffic in a unix machine is iptable. But in order to get the concept you only need to know why and how we can manage traffic:

• Firewall rules on VPC networks (GCP)
• Security Group on VPC (AWS)

这篇关于如何找出Kubernetes中可用的端口?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！