You can implement service discovery on virtual nodes in Container Service for Kubernetes
(ACK) clusters. The following types of Services are supported for service discovery:
intranet Services, headless Services, and ClusterIP Services.
Set up the environment
After you use a Helm chart to deploy a virtual node, verify that the relevant environment
variables are valid.
- Log on to the ACK console.
- In the left-side navigation pane of the ACK console, choose .
- On the Marketplace page, click the App Catalog tab. Find and click ack-virtual-node.
- On the ack-virtual-node page, click Deploy.
- In the Deploy wizard, select a cluster and namespace, and then click Next.
- On the Parameters wizard page, set the parameters and click OK.
ECI_VPC
: The ID of the virtual private cloud (VPC) where the ACK cluster is deployed. Replace
it with the VPC ID of your cluster.
ALIYUN_CLUSTERID
: The ID of the ACK cluster. Replace it with the ID of your cluster. Do not set the
value to default or leave this parameter empty.
Procedure
- Create a Deployment and Services.
Copy the following sample code to a YAML file and run the kubectl create -f nginx-service-ack.yaml
command to create a Deployment and Services:
apiVersion: v1
kind: Service
metadata:
name: nginx-headless-service
annotations:
service.beta.kubernetes.io/alibaba-cloud-private-zone-enable: "true"
spec:
ports:
- port: 80
protocol: TCP
selector:
app: nginx
clusterIP: None
---
apiVersion: v1
kind: Service
metadata:
name: nginx-clusterip-service
annotations:
service.beta.kubernetes.io/alibaba-cloud-private-zone-enable: "true"
spec:
ports:
- port: 80
protocol: TCP
selector:
app: nginx
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: nginx-intranet-service
annotations:
service.beta.kubernetes.io/alicloud-loadbalancer-address-type: intranet
service.beta.kubernetes.io/alibaba-cloud-private-zone-enable: "true"
spec:
ports:
- port: 80
protocol: TCP
selector:
app: nginx
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
Note By default, the DNS records of Services in an ACK cluster are not synchronized to
Alibaba Cloud DNS PrivateZone. To synchronize these records, you must add the following
annotation to the Service configuration:
annotations:
service.beta.kubernetes.io/alibaba-cloud-private-zone-enable: "true"
This way, the virtual node controller synchronizes the DNS records of the Services
to Alibaba Cloud DNS PrivateZone.
- Log on to the Alibaba Cloud DNS console.
- In the left-side navigation pane, click PrivateZone. On the Hosted Zones tab, you can view the PrivateZone records that are automatically generated in each
zone.
- In the list of Hosted Zones, find the zone that you want to configure and click Configure in the Actions column. The Resolution Settings page appears.
Note All PrivateZone records are in the
$svc.$ns
format. Each PrivateZone record maps a Service to an IP address. Comply with the
following rules to parse columns:
- A LoadBalancer Service corresponds only to one PrivateZone record. The record maps
the Service to the IP address of a Server Load Balancer (SLB) instance.
- A ClusterIP Service corresponds to multiple PrivateZone records. The records map the
Service to the IP addresses of its backend pods.
- A headless Service corresponds to multiple PrivateZone records. The records map the
Service to the IP addresses of its backend pods.
You can access a Service from within the VPC by using the private domain name of the
Service.
- You can use
$svc.$ns.svc.cluster.local.$clusterId
to access Services in your cluster. You can also use $svc.$ns.svc.cluster.local.$clusterId
to access Services in other clusters after the Services are synchronized to Alibaba
Cloud DNS PrivateZone.
- You can use
$svc
to access Services in the current namespace and use $svc.$ns
to access Services in other namespaces.