这是我的问题:我在 kubernetes yaml 文件中定义了 3 个服务:
- 一个前端(网站(
- 一个后端:有状态,用于用户会话
- 一个后端:无状态
我需要有状态服务的会话相关性,但不需要无状态服务和前端服务的会话相关性。我需要会话亲和力是基于 cookie 的,而不是基于客户端 IP。
mydomain/stateful ===> Front-End Service (3 pods) ===> Stateful Service (3 pods, need session affinity)
mydomain/stateless ===> Front-End Service (3 pods) ===> Stateless Service (3 pods, do not need session affinity)
我尝试使用 Ingress 服务,但我看不到如何将其用作 Kubernetes 集群内 2 个服务之间的代理。我看到的所有示例都显示了如何使用入口作为来自集群外部的请求的路由器。
到目前为止,这是我的poc.yaml:
####################################################################
######################### STATEFUL BACKEND #########################
# Deployment for pocbackend containers, listening on port 3000
apiVersion: apps/v1
kind: Deployment
metadata:
name: stateful-deployment
spec:
replicas: 3
selector:
matchLabels:
app: stateful-backend
tier: backend
template:
metadata:
labels:
app: stateful-backend
tier: backend
spec:
containers:
- name: pocbackend
image: pocbackend:2.0
ports:
- name: http
containerPort: 3000
---
# Service for Stateful containers, listening on port 3000
apiVersion: v1
kind: Service
metadata:
name: api-stateful
spec:
selector:
app: stateful-backend
tier: backend
ports:
- protocol: TCP
port: 3002
targetPort: http
#sessionAffinity: ClientIP
---
#####################################################################
######################### STATELESS BACKEND #########################
# Deployment for pocbackend containers, listening on port 3000
apiVersion: apps/v1
kind: Deployment
metadata:
name: stateless-backend
spec:
replicas: 3
selector:
matchLabels:
app: stateless-backend
tier: backend
template:
metadata:
labels:
app: stateless-backend
tier: backend
spec:
containers:
- name: pocbackend
image: pocbackend:2.0
ports:
- name: http
containerPort: 3000
---
# Service for Stateless containers, listening on port 3000
apiVersion: v1
kind: Service
metadata:
name: api-stateless
spec:
selector:
app: stateless-backend
tier: backend
ports:
- protocol: TCP
port: 3001
targetPort: http
---
#############################################################
######################### FRONT END #########################
# deployment of the container pocfrontend listening to port 3500
apiVersion: apps/v1
kind: Deployment
metadata:
name: front-deployment
spec:
replicas: 1
selector:
matchLabels:
app: frontend
tier: frontend
template:
metadata:
labels:
app: frontend
tier: frontend
spec:
containers:
- name: pocfrontend
image: pocfrontend:2.0
ports:
- name: http
containerPort: 3500
---
# Service exposing frontend on node port 85
apiVersion: v1
kind: Service
metadata:
name: frontend-service
spec:
type: LoadBalancer
selector:
app: frontend
tier: frontend
ports:
- protocol: TCP
port: 85
targetPort: http
你知道如何解决我的问题吗?
谢谢!
Natively Kubernetes 本身不提供服务[概念]级别的session affinity。
我想到的唯一方法是使用 Istio 并且它Destination Rules.摘自 istio 手册:
DestinationRule定义在路由发生后应用于服务的流量的策略。这些规则指定负载平衡的配置、挎斗的连接池大小以及异常值检测设置,以检测和逐出负载平衡池中的不正常主机。
本文档展示了如何使用 istio 配置sticky session。