k8s svc流量转发

https://blog.csdn.net/qq_44930876/article/details/134813129
https://blog.csdn.net/weixin_43845924/article/details/136232099

默认使用iptables

[root@localhost ~]# k logs kube-proxy-jcbcq  
I0405 10:37:28.610683       1 node.go:136] Successfully retrieved node IP: 192.168.150.81
I0405 10:37:28.610898       1 server_others.go:111] kube-proxy node IP is an IPv4 address (192.168.150.81), assume IPv4 operation
W0405 10:37:30.083245       1 server_others.go:579] Unknown proxy mode "", assuming iptables proxy
1
2
3
4

[root@localhost ~]# k get cm kube-proxy -o yaml| grep mode
    mode: ""
1
2

访问 10.1.173.212 的流量 转到 KUBE-SVC-GSTOWW43R3XNF3UU 处理

-A KUBE-SERVICES ! -s 10.244.0.0/16 -d 10.1.173.212/32 -p tcp -m comment --comment "default/helloworld:grpc cluster IP" -m tcp --dport 80 -j KUBE-MARK-MASQ
-A KUBE-SERVICES -d 10.1.173.212/32 -p tcp -m comment --comment "default/helloworld:grpc cluster IP" -m tcp --dport 80 -j KUBE-SVC-GSTOWW43R3XNF3UU

1
2
3

KUBE-SVC-GSTOWW43R3XNF3UU 负载均衡

-A KUBE-SVC-GSTOWW43R3XNF3UU -m comment --comment "default/helloworld:grpc" -m statistic --mode random --probability 0.33333333349 -j KUBE-SEP-TXM7ZWVLBOV6HOOE
-A KUBE-SVC-GSTOWW43R3XNF3UU -m comment --comment "default/helloworld:grpc" -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-DWGWB6DOLSQRMVMH
-A KUBE-SVC-GSTOWW43R3XNF3UU -m comment --comment "default/helloworld:grpc" -j KUBE-SEP-SS4FDJNRUP7KZYAK

1
2
3
4

[root@localhost ~]# iptables-save| grep helloworld | grep "A KUBE-SEP" | grep default/helloworld:grpc | grep tcp
-A KUBE-SEP-DWGWB6DOLSQRMVMH -p tcp -m comment --comment "default/helloworld:grpc" -m tcp -j DNAT --to-destination 10.244.0.28:80
-A KUBE-SEP-SS4FDJNRUP7KZYAK -p tcp -m comment --comment "default/helloworld:grpc" -m tcp -j DNAT --to-destination 10.244.0.29:80
-A KUBE-SEP-TXM7ZWVLBOV6HOOE -p tcp -m comment --comment "default/helloworld:grpc" -m tcp -j DNAT --to-destination 10.244.0.24:80
1
2
3
4