After multiple services are created in the same Kubernetes cluster in Enterprise Distributed Application Service (EDAS), the services inside the cluster may need to access each other. However, the services cannot access each other by using an Internet-facing or internal-facing Server Load Balancer (SLB) instance. In this case, you can add a service for the services so that the services inside the cluster can access each other. This topic describes how to add a service and verify access among services inside a cluster.

Background information

An application that is created in a Container Service for Kubernetes (ACK) cluster in EDAS usually consists of a group of pods that run the same docker image. Although pods have independent IP addresses, pods are quickly created and deleted. Therefore, you cannot access the application by accessing pods that may be deleted one after one.

You can resolve the preceding issue by adding a service to the application. The service has a fixed IP address (ClusterIP). The service forwards the access traffic of the application to the pods and implements load balancing for these pods.

Procedure

  1. Log on to the EDAS console.
  2. Go to the Application Overview page by using one of the following methods:
    • In the left-side navigation pane, choose Resource Management > Container Service Kubernetes Clusters or Resource Management > Serverless Kubernetes Clusters. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace. On the Container Service Kubernetes Clusters or Serverless Kubernetes Clusters page, click a cluster ID. In the Applications section of the Cluster Details page, click the name of the application that you want to manage.
    • In the left-side navigation pane, click Applications. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace. Select Container Service or Serverless Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.
  3. On the Application Overview page, click the Plus icon icon next to service in the Access configuration section.
    Note If you have configured a service, the service name and IP address are displayed. You can click the Edit icon to change the port and protocol type of the service, or click the Delete icon to remove the service.
  4. In the service dialog box, specify the service name, service port, container port, and protocol type, and then click OK.
    Parameter Description
    Service Name The name of the service. The service name must be unique and cannot be the same as an existing service name.

    The name must be 2 to 32 characters in length and can contain lowercase letters, digits, and hyphens (-). The name must start with a letter and end with a letter or a digit.

    Service Port The frontend port of the service. The application is accessed by using this port. Valid values: 1 to 65535.
    Container Port The port on which a process listens. This port is defined by the application. Valid values: 1 to 65535.
    Protocol The service protocol. Valid values: TCP and UDP. Default value: TCP.
    Note
    When you add a service to an application, you must take note of the following two items:
    • You can add multiple port mappings in the same service. However, if you need to set different port mappings to different service names, repeat Step 3 to Step 4 to add multiple services.
    • When you add multiple port mappings to the same service, set both service ports and protocols to different values for the port mappings. For example, if you set two port mappings to 80|8080|TCP and 80|8081|TCP, the two port mappings cannot be saved, and the message Port mapping has duplicate entries appears.

Verify the result

After you add a service to the current application, you can log on to a pod in the ACK cluster, and access the application by using the fixed IP address of the service in the pod.

This example verifies access to a web service. The methods of verifying access to services of other types are different.

  1. Log on to the ACK console.
  2. In the left-side navigation pane, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and choose More > Open Cloud Shell in the Actions column.
    Cloud Shell that is associated with the cluster is automatically opened in the lower part of the page. When Cloud Shell that is associated with the cluster is opened, the system automatically loads the kubeconfig file of the cluster. Then, you can use kubectl to manage the cluster.
  4. Run the following command to query all the pods in the cluster: 
    kubectl get pods
    The following pods are returned:
    NAME                                             READY   STATUS             RESTARTS   AGE
store-pre-****-group-1-19-****7569b-f7***        1/1     Running            0          28h
store-prod-***duct-group-1-1-****7f894-zh***     1/1     Running            0          28h
  5. Run the following command to log on to one of the returned pods: 
    kubectl exec -it store-prod-***duct-group-1-1-****7f894-zh*** /bin/sh
  6. Run the following command to access the application by using the fixed IP address of the service: 
    wget 10.XX.XX.XX:8081    // The IP address and the service port must be consistent with those of your service.
    The following similar logs are returned:
    Connecting to 10.XX.XX.XX:8081 (10.XX.XX.XX:8081)
index.html           100% |*******************************************************|  2203  0:00:00 ETA
    Note This example verifies the access to the web service. If you verify access to a service of another type, the returned logs are different and vary based on the actual service type.