Open in app

Sign in

Write

Sign in

Serverless Kubernetes Container Service Supports Mounting EIPs with Pods

Alibaba Cloud
3 min readApr 9, 2019

--

By Xianwei

Recently, Alibaba Cloud serverless Container Service for Kubernetes added support for mounting elastic IP addresses (EIPs) with pods. This feature further simplifies the deployment of some serverless container applications and service access.

  • A single pod can access public networks without creating VPC NAT gateways.
  • A single pod can also expose public network services without creating services.
  • Pods and EIPs can be bound in a more flexible and dynamic way.

Currently Serverless Kubernetes supports two methods of mounting EIPs: automatically assigning an EIP or specifying an EIP instance.

Method 1: Automatically Assigning an Elastic IP Address

When the “k8s.aliyun.com/enable-eip” annotation is set to “true”, Serverless Kubernetes automatically assigns an EIP to this pod and binds that IEP to the pod

Example:

#cat nginx-enable-eip-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  annotations:
    "k8s.aliyun.com/enable-eip": "true"
spec:
  containers:
  - image: registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
    imagePullPolicy: Always
    name: nginx
    ports:
    - containerPort: 80
      name: http
      protocol: TCP
  restartPolicy: OnFailure

Create a pod:

#kubectl apply -f nginx-enable-eip-pod.yaml
pod "nginx" created#kubectl get pod
nginx     1/1       Running   0         20s

View the IP address of the pod:

# kubectl describe pod
Name:         nginx
Namespace:    default
Node:         viking-c7d16b6c584544f65bfa4eba3a8b04d63/
Start Time:   Mon, 07 Jan 2019 13:19:47 +0800
Labels:       <none>
Annotations:  k8s.aliyun.com/allocated-eipAddress=47.96.67.132
              k8s.aliyun.com/allocated-eipInstanceId=eip-bp1wtbt7vp18tgu5g7rb2
              k8s.aliyun.com/enable-eip=true
              kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"k8s.aliyun.com/enable-eip":"true"},"name":"nginx","namespace":"default"},"spec":{"container...
              kubernetes.io/limit-ranger=LimitRanger plugin set: cpu, memory request for container nginx
Status:       Running
IP:           10.1.89.103
Containers:
  nginx:
    Container ID:   eci://779380281b08b325b4b7a1b66c4cb9e706985b25cde0c36345af93a308745b95
    Image:          registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
    Image ID:
    Port:           80/TCP
    State:          Running
      Started:      Mon, 07 Jan 2019 13:19:47 +0800
    Ready:          True
    Restart Count:  0
    Requests:
      cpu:        1
      memory:     2Gi
    Environment:  <none>
    ...
    
# kubectl describe pod|grep allocated-eipAddress
Annotations:  k8s.aliyun.com/allocated-eipAddress=47.96.67.132

The Annotations of the pod shows the assigned EIP, which can be used to directly access that pod.

# curl 47.96.67.132
<! DOCTYPE html>
<html>
<head>
<title>Welcome to nginx! </title>
...

Because an EIP is dynamically assigned in this method, the lifecycle of the EIP is the same as that of the pod. When a pod is deleted, the EIP dynamically assigned to that pod is also deleted.

Note that if you are creating a Deployment, each pod in that Deployment will mount a different EIP. Please perform this action with caution.

Method 2: Specifying the ID of an Elastic IP Address Instance

Purchase an EIP in the EIP console first.

Set the “k8s.aliyun.com/eipInstanceId” annotation of the pod to an EIP instance ID:

# cat nginx-eipid-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  annotations:
    "k8s.aliyun.com/eipInstanceId": "eip-bp19trewkig3i9pnek99i"
spec:
  containers:
  - image: registry-vpc.cn-hangzhou.aliyuncs.com/jovi/nginx:alpine
    imagePullPolicy: Always
    name: nginx
    ports:
    - containerPort: 80
      name: http
      protocol: TCP
  restartPolicy: OnFailure

Create a pod:

# kubectl apply -f  nginx-eipid-pod.yaml
pod "nginx" created# kubectl get pod
NAME      READY     STATUS    RESTARTS   AGE
nginx     1/1       Running   0         20s

Access the pod by using the EIP:

# curl 47.111.20.92
<! DOCTYPE html>
<html>
<head>
<title>Welcome to nginx! </title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx! </h1>
...

In this method, when a pod is deleted, the pod and the EIP are unbound. When the pod is re-created, the EIP are bound to the pod again.

About Container Service for Kubernetes

Alibaba Cloud Container Service for Kubernetes provides enterprise-level high-performance and flexible management of Kubernetes containerized applications throughout the application lifecycle. This service simplifies cluster creation and expansion and integrates Alibaba Cloud capabilities in virtualization, storage, network, and security, providing an improved running environment for Kubernetes containerized applications.

Log on to the Container Service Console and experiment with this service for free at: https://cs.console.aliyun.com/#/k8s

Reference:https://community.alibabacloud.com/blog/serverless-kubernetes-container-service-supports-mounting-eips-with-pods_594643?spm=a2c41.12740868.0.0

Kubernetes
Alibaba Cloud
Vpc
Container
Serverless

--

--

Alibaba Cloud
Alibaba Cloud

Written by Alibaba Cloud

5.8K Followers
25 Following

Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website:https://www.alibabacloud.com

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams