Home > Kubernetes > Service Networking

๐ŸŒ Kubernetes Services & Networking Explore More Networking Topics

๐Ÿ” What is a Service?

In Kubernetes, a Service is an abstraction which defines a logical set of Pods and a policy by which to access them. It provides a stable network endpoint, even if the underlying Pods change.
Example: A Service can expose your web application running in multiple Pods behind a single IP address.

โš™๏ธ Service Types

Kubernetes supports multiple service types:

  • ClusterIP: Exposes the Service on a cluster-internal IP. This is the default type.
  • NodePort: Exposes the Service on each Nodeโ€™s IP at a static port.
  • LoadBalancer: Exposes the Service externally using a cloud providerโ€™s load balancer.
  • ExternalName: Maps the Service to the contents of the externalName field (e.g., a DNS name).

๐Ÿ“„ Service YAML Example

apiVersion: v1
kind: Service
metadata:
  name: web-service
spec:
  selector:
    app: web
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: LoadBalancer

๐Ÿš€ Ingress for External Networking

An Ingress manages external access to the Services in a cluster, providing load balancing, SSL termination, and name-based virtual hosting.
Example: Use an Ingress to route traffic for myapp.example.com to your web Service. 

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: web-service
            port:
              number: 80

๐Ÿ”’ Resource Allocation & Network Policies

Along with services, you can control traffic flow between Pods using Network Policies and enforce resource limits with Limit Ranges and Resource Quotas.
Example: Use a Network Policy to allow traffic only from trusted Pods, and set Resource Quotas to limit the overall resource usage in a Namespace. 

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-specific
  namespace: web
spec:
  podSelector:
    matchLabels:
      app: web
  ingress:
  - from:
    - podSelector:
        matchLabels:
          access: "true"
    ports:
    - protocol: TCP
      port: 80

๐Ÿ“ข Conclusion

Kubernetes Services and Networking empower you to expose and secure your applications in a dynamic cluster environment. By leveraging different service types and integrating Ingress and Network Policies, you can efficiently manage traffic and resource allocation across your cluster.