Kubernetes Networking: Exploring Service Resources

Question: “How do you expose Pods to stable network endpoints in Kubernetes?”

Pods in Kubernetes have dynamic IP addresses, which can change when a Pod restarts. To ensure consistent access and load balancing, Kubernetes provides a Service resource.

In this post, you will learn:

• What a Kubernetes Service is and why it’s needed
• How Services communicate with Pods
• Service types: ClusterIP, NodePort, and LoadBalancer
• YAML configuration examples

1. What Is a Kubernetes Service?

A Service is a stable networking abstraction that provides a fixed endpoint for a group of Pods, even if Pod IP addresses change.

2. Why Do We Need a Service?

• Pods are ephemeral, and their IPs change on restarts.
• Applications with multiple Pods (e.g., via ReplicaSets or Deployments) need a single entry point.
• Services enable load balancing and service discovery.

3. Key Features of a Service

• Selector-based targeting: Services route traffic to Pods with matching labels.
• Managed by kube-proxy: Handles network rules and routing.
• Works with Endpoints: A separate object mapping Services to Pods.
• Supports multiple types (ClusterIP, NodePort, LoadBalancer).

4. ClusterIP: Internal Service

• Default Service type in Kubernetes.
• Accessible only within the cluster.
• Ideal for internal communication between microservices.

Example:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
  type: ClusterIP

5. NodePort: External Access

• Exposes the Service on a static port (30000–32767) of each Node.
• Accessible via http://<NodeIP>:<NodePort>.
• Often used in development or testing.

Example:

1
2
3
4
5

type: NodePort
ports:
  - port: 80
    targetPort: 8080
    nodePort: 30080

6. LoadBalancer: Cloud Load Balancing

• Integrates with cloud providers (AWS, GCP, Azure) to provision an external load balancer.
• Automatically distributes external traffic across Nodes and Pods.
• Commonly used in production environments.

Example:

1
2
3
4

type: LoadBalancer
ports:
  - port: 80
    targetPort: 8080

7. Service YAML Example

Here’s an example of a Deployment with a Service:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          image: nginx
          ports:
            - containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - port: 80
      targetPort: 8080
  type: ClusterIP

8. FAQ (Answer Engine Optimization)

Q1. What’s the difference between NodePort and LoadBalancer? A. NodePort exposes a static port on each Node, while LoadBalancer creates an external load balancer through a cloud provider.

Q2. Can I access a Pod without a Service? A. Yes, but it’s unreliable since Pod IPs can change. Services provide a stable endpoint.

Q3. Can ClusterIP be accessed from outside the cluster? A. Not directly. You can use kubectl port-forward or an Ingress resource to expose it.

9. Key Takeaways

10. Final Thoughts

A Kubernetes Service is the foundation of stable and reliable networking for Pods.