After multiple services are created in the same Kubernetes cluster in Enterprise Distributed
Application Service (EDAS), the services inside the cluster may need to access each
other. However, the services cannot access each other by using an Internet-facing
or internal-facing Server Load Balancer (SLB) instance. In this case, you can add
a service for the services so that the services inside the cluster can access each
other. This topic describes how to add a service and verify access among services
inside a cluster.
Background information
An application that is created in a Container Service for Kubernetes (ACK) cluster
in EDAS usually consists of a group of pods that run the same docker image. Although
pods have independent IP addresses, pods are quickly created and deleted. Therefore,
you cannot access the application by accessing pods that may be deleted one after
one.
You can resolve the preceding issue by adding a service to the application. The service
has a fixed IP address (ClusterIP). The service forwards the access traffic of the
application to the pods and implements load balancing for these pods.
Procedure
- Log on to the EDAS console.
- Go to the Application Overview page by using one of the following methods:
- In the left-side navigation pane, choose or . In the top navigation bar, select a region. In the upper part of the page, select
a microservice namespace. On the Container Service Kubernetes Clusters or Serverless Kubernetes Clusters page, click a cluster ID. In the Applications section of the Cluster Details page, click the name of the application that you want to manage.
- In the left-side navigation pane, click Applications. In the top navigation bar, select a region. In the upper part of the page, select
a microservice namespace. Select Container Service or Serverless Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.
- On the Application Overview page, click the
icon next to service in the Access configuration section.
Note If you have configured a service, the service name and IP address are displayed. You
can click the

icon to change the port and protocol type of the service, or click the

icon to remove the service.
- In the service dialog box, specify the service name, service port, container port, and protocol
type, and then click OK.
Parameter |
Description |
Service Name |
The name of the service. The service name must be unique and cannot be the same as
an existing service name.
The name must be 2 to 32 characters in length and can contain lowercase letters, digits,
and hyphens (-). The name must start with a letter and end with a letter or a digit.
|
Service Port |
The frontend port of the service. The application is accessed by using this port.
Valid values: 1 to 65535.
|
Container Port |
The port on which a process listens. This port is defined by the application. Valid
values: 1 to 65535.
|
Protocol |
The service protocol. Valid values: TCP and UDP. Default value: TCP.
|
Note
When you add a service to an application, you must take note of the following two
items:
- You can add multiple port mappings in the same service. However, if you need to set
different port mappings to different service names, repeat Step 3 to Step 4 to add multiple services.
- When you add multiple port mappings to the same service, set both service ports and
protocols to different values for the port mappings. For example, if you set two port
mappings to 80|8080|TCP and 80|8081|TCP, the two port mappings cannot be saved, and the message Port mapping has duplicate entries appears.
Verify the result
After you add a service to the current application, you can log on to a pod in the
ACK cluster, and access the application by using the fixed IP address of the service
in the pod.
This example verifies access to a web service. The methods of verifying access to
services of other types are different.
- Log on to the ACK console.
- In the left-side navigation pane, click Clusters.
- On the Clusters page, find the cluster that you want to manage and choose in the Actions column.
Cloud Shell that is associated with the cluster is automatically opened in the lower
part of the page. When Cloud Shell that is associated with the cluster is opened,
the system automatically loads the kubeconfig file of the cluster. Then, you can use
kubectl to manage the cluster.
- Run the following command to query all the pods in the cluster:
The following pods are returned:
NAME READY STATUS RESTARTS AGE
store-pre-****-group-1-19-****7569b-f7*** 1/1 Running 0 28h
store-prod-***duct-group-1-1-****7f894-zh*** 1/1 Running 0 28h
- Run the following command to log on to one of the returned pods:
kubectl exec -it store-prod-***duct-group-1-1-****7f894-zh*** /bin/sh
- Run the following command to access the application by using the fixed IP address
of the service:
wget 10.XX.XX.XX:8081 // The IP address and the service port must be consistent with those of your service.
The following similar logs are returned:
Connecting to 10.XX.XX.XX:8081 (10.XX.XX.XX:8081)
index.html 100% |*******************************************************| 2203 0:00:00 ETA
Note This example verifies the access to the web service. If you verify access to a service
of another type, the returned logs are different and vary based on the actual service
type.