Kubernetes services
service core concepts
service types
creating a service kubectl
create service using yaml
pod get ip addresses
pod communication
Service core concepts
service single point of entry to access 1 or more pods
can we rely on pod ip when pods live and die
we can’t
ip addresses change when pods die
pods horizontal scale – new ip
pod gets ip address after scheduled
service
abstract ip address from consumers
labels associate pods with services
load balance between pods
relies on service
Nodekube proxy creates virtual ip for services
layer 4 tcp/udp over ip
services stick around
create endpoints which sit between service and pod
External Caller -> Service(frontend) -> Pods (frontend)
Service do load balancing between multiple pods.
Browser will use same connection to same pod. It respects connection.
Different Service types
ClusterIP – service on cluster internal id
nodeport expose service on each node ip at static port
loadbalancer external ip to act as load balancer for service
external name maps a service to DNS
ExternalName Service – Create alias to an external service
### CusterIP Service
service ip exposed internally within the cluster
only pods with cluster can talk to service
allow pods to talk to other pods
### NodePortService
expose service on each node ip at static port allocate port from range 3000 -326767
each node proxies allocated port
### LoadBalancer Service
– different nodes based on traffic
– useful with Azure AWS GCP
– Nodeport anf clusertip services are created
each node proxies the allocated port
### ExternalName Service
alias for external service
call some other domain
define service to act as proxy to external service
external servie details are hidden from cluster
When external service changes just externalName service is to be changed, not anything else
Creating a service with kubectl
Port Forwarding
how to access pod outside of Kubernetes – port forwarding
kubectl port-forward pod/podname 8080:80 kubectl port-forward deployment/deplname 8080 kubectl port-forward service/servicename 8080
Create a service using kubectl
with port forwarding you can access pod outside of kubernetes
You can use port-forward with deployment as well
You can do port forward to service as well
application
nginx deployment
2 replicas
kubectl apply -f nginx.deployment.yml
kubectl apply -f nginx.deployment.yml
deployment.apps/my-nginx unchanged
kubectl get all NAME READY STATUS RESTARTS AGE pod/my-nginx-5bb9b897c8-h7vxg 1/1 Running 2 17h pod/my-nginx-5bb9b897c8-skh4w 1/1 Running 2 17h NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7d19h NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/my-nginx 2/2 2 2 17h NAME DESIRED CURRENT READY AGE replicaset.apps/my-nginx-5bb9b897c8 2 2 2 17h
You just see clusterip setup.
kubectl port forward kubectl get pods NAME READY STATUS RESTARTS AGE my-nginx-5bb9b897c8-h7vxg 1/1 Running 2 17h my-nginx-5bb9b897c8-skh4w 1/1 Running 2 17h Say I want to connect to first pod. port-forward pod/my-nginx-5bb9b897c8-h7vxg 8080:80 Forwarding from 127.0.0.1:8080 -> 80 Forwarding from [::1]:8080 -> 80 http://localhost:8080/
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.
Thank you for using nginx.
Now let’s do port forwarding to deployment
>kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
my-nginx 2/2 2 2 17h
C:\Users\anupam\Desktop>kubectl port-forward deployment/my-nginx 8080
Forwarding from 127.0.0.1:8080 -> 8080
Forwarding from [::1]:8080 -> 8080
And go to
http://localhost:8080/
You get empty data response
This page isn’t working localhost didn’t send any data.
ERR_EMPTY_RESPONSE
Because nginx is running on 80.
So let’s do deployment port forwarding this way.
>kubectl port-forward deployment/my-nginx 8080:80
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Handling connection for 8080
Now go to
http://localhost:8080/
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.
Thank you for using nginx.
Pods have cluster ip port forwarding makes them accessible externally.
Useful to debugging, analyzing issues
### Creating a service with YAML
yaml file + kubectl = serbvice which has pods
Name of the service (Each service gets a DNS entry) (DNS is what lets users connect to websites using domain names instead of IP addresses. Learn how DNS works.)
Suppose a service is named frontend. And another service is named backend. So frontend pod can interact with backend pod using backend:port name instead of relying on ip address and port.
#kubectl services in action
kubectl get pods NAME READY STATUS RESTARTS AGE my-nginx-5bb9b897c8-h7vxg 1/1 Running 2 18h my-nginx-5bb9b897c8-skh4w 1/1 Running 2 18h
Go inside pod one and get curl package exec my-nginx-5bb9b897c8-h7vxg -it sh kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead. / # apk add curl fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz OK: 25 MiB in 42 packages
Now get IP address of 2nd POD. my-nginx-5bb9b897c8-skh4w 1/1 Running 2 18h kubectl get pod my-nginx-5bb9b897c8-skh4w -o yaml At bottom you have IP address podIP: 10.1.0.127 podIPs: - ip: 10.1.0.127 Now go to open shell for other pod and run command with above IP address. curl http://10.1.0.127 You will see whole nginx output. kubectl apply -f clusterIp.Service.yml service/nginx-clusterip created
kubectl get services NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7d21h nginx-clusterip ClusterIP 10.110.54.186 <none> 8080/TCP 41s
curl http://10:110.54.186:8080
curl http://nginx-clusterip.186:8080
Pods live and die so their IP address can change
Services abstract IP addresses from consumers
Labels associate pods with services
Service Types
– ClusterIP Service
– NodePort Service
– LoadBalancer Service
– AliasName Service
ClusterIP Service
# ClusterIP Service - Exposes the service on a cluster internal IP apiVersion: v1 #kuebnetes API version and resource type (Service) kind: Service metadata: # name, labels, name: nginx # Name of the service (Each service gets a DNS entry) (DNS is what lets users connect to websites using domain names instead of IP addresses. Learn how DNS works.) labels: app: nginx spec: # type: # type (clusterip, nodeport, loadBalancer defaults to clusterIp) selector: # Select pod template labels(s) that service will apply to. app: nginx ports: #container target port and port of the service - name: http port: 80 targetPort: 80
NodePort Service
# NodePort Service Exposes the service on each Node's IP at a static port. # Useful when we want to set some type of external call for debugging purpose or performance reasons apiVersion: v1 #kuebnetes API version and resource type (Service). This is a nodeport service kind: Service metadata: # name, labels, name: nginx # Name of the service (Each service gets a DNS entry) (DNS is what lets users connect to websites using domain names instead of IP addresses. Learn how DNS works.) labels: app: nginx spec: # type: NodePort # Set the service type to NodePort. selector: # Select pod template labels(s) that service will apply to. app: nginx ports: #container target port and port of the service - name: http port: 80 targetPort: 80 nodePort: 31000 #Optional. defaults between 30000 and 32767
LoadBalancer Service
# LoadBalancer service - Provision an external IP to act as LoadBalancer for the service apiVersion: v1 #kuebnetes API version and resource type (Service). This is a LoadBalancer service kind: Service metadata: # name, labels, name: nginx # Name of the service (Each service gets a DNS entry) (DNS is what lets users connect to websites using domain names instead of IP addresses. Learn how DNS works.) labels: app: nginx spec: # type: LoadBalancer # Set the service type to LoadBalancer. selector: # Select pod template labels(s) that service will apply to. app: nginx ports: #container target port and port of the service - name: http port: 80 targetPort: 80
ExternalName Service
# ExternalName - Maps a service to a DNS name apiVersion: v1 #kuebnetes API version and resource type (Service). This is a ExternalName service kind: Service metadata: # name, labels, name: external-service # Other pods can use this FQDN (Fully Qualified Domain Name) to access the external service. ExternalSegvice will proxy thiem to externalName specified below. So when api.acmecopr.com changes, we just have to update this YAML. labels: app: nginx spec: # type: ExternalName # Set the service type to ExternalName. externalName: api.acmecorp.com # Service will proxy to FQDN selector: # Select pod template labels(s) that service will apply to. app: nginx ports: #container target port and port of the service - name: http port: 9000 # Other pods calling pod in this service can call like this external-service:9000