After multiple services are created in the same Kubernetes cluster in Enterprise Distributed Application Service (EDAS), the services inside the cluster may need to access each other. However, the services cannot access each other by using an Internet-facing or internal-facing Server Load Balancer (SLB) instance. In this case, you can add a service for the services so that the services inside the cluster can access each other. This topic describes how to add a service and verify access among services inside a cluster.

Background information

An application that is created in a Container Service Kubernetes cluster in EDAS usually consists of a group of pods that run the same docker image. Although pods have independent IP addresses, pods are quickly created and deleted. Therefore, you cannot access applications by accessing pods that may be deleted one after one.

You can solve the preceding issue by adding a service to the application. The service has a fixed IP address (ClusterIP). The service forwards the access traffic to the application to the pods and implements load balancing for these pods.

Procedure

  1. Perform one of the following operations as needed to go to the application details page:
    • In the left-side navigation pane, choose Resource Management > Container Service Kubernetes Clusters or Resource Management > Serverless Kubernetes Clusters. In the top navigation bar, select a region. In the upper part of the page, select a namespace. On the Container Service Kubernetes Cluster or Serverless Kubernetes Clusters page, click a cluster ID. In the Applications section of the Cluster Details page, click the name of the application for which you want to view the details.
    • In the left-side navigation pane, click Applications. In the top navigation bar, select a region. In the upper part of the page, select a namespace. Select Container Service or Serverless Kubernetes Cluster from the Cluster Type drop-down list and click the application name.
  2. In the Access configuration section of the Application Overview page, click the Plus sign icon on the right side of service.
    Note If you have configured a service, the service name and IP information are displayed here. You can click the Edit icon to change the port and protocol type of the service, or click the Delete icon to delete the service.
  3. In the service dialog box, specify the service name, service port, container port, and protocol type, and then click OK.
    Parameter Description
    Service Name Customize a service name. The service name must be unique and cannot be the same as an existing service name.

    The name must be 2 to 32 characters in length and can contain lowercase letters, digits, and hyphens (-). The name must start with a letter and end with a letter or a digit.

    Service Port The frontend port of the service. The application is accessed through this port. Valid values: 1 to 65535.
    Container Port The port that the process listens on. The port is generally defined by the program. Valid values: 1 to 65535.
    Protocol The service protocol. Valid values: TCP and UDP. Default value: TCP.
    Note
    When you add a service for an application, you must take note of the following two points:
    • You can add multiple port mappings in the same service. However, if you need to set different port mappings to different service names, repeat Step 3 to Step 4 to add multiple services.
    • When you add multiple port mappings to the same service, set both service ports and protocols to different values for the port mappings. For example, if you set two port mappings to 80|8080|TCP and 80|8081|TCP, the two port mappings cannot be saved, and a message "Invalid parameter" appears.

Verify the result

After you add a service to the current application, you can log on to a pod in the Kubernetes cluster, and access the application by using the fixed IP address of the service in the pod.

This example verifies access to a web service. The methods of verifying access to services of other types are different.

  1. Log on to the Container Service for Kubernetes (ACK) console.
  2. In the left-side navigation pane, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and choose More > Open Cloud Shell in the Actions column.
    The Cloud Shell that is associated with the cluster is automatically opened at the bottom of the page. When the Cloud Shell that is associated with the cluster is opened, the system automatically loads the kubeconfig file of the cluster. Then, you can use kubectl to manage the cluster.
  4. Run the following command to query all the pods in the cluster:
    kubectl get pods
    The following pods are returned:
    NAME                                             READY   STATUS             RESTARTS   AGE
    store-pre-****-group-1-19-****7569b-f7***        1/1     Running            0          28h
    store-prod-***duct-group-1-1-****7f894-zh***     1/1     Running            0          28h
  5. Run the following command to log on to one of the returned pods:
    kubectl exec -it store-prod-***duct-group-1-1-****7f894-zh*** /bin/sh
  6. Run the following command to access the application by using the fixed IP address of the service:
    wget 10.XX.XX.XX:8081    // The IP address and the service port must be consistent with those of your service. 
    The following similar logs are returned:
    Connecting to 10.XX.XX.XX:8081 (10.XX.XX.XX:8081)
    index.html           100% |*******************************************************|  2203  0:00:00 ETA
    Note This example verifies the access to the web service. If you verify access to a service of another type, the returned logs are different and vary based on the actual service type.