Video Thumbnail for Lesson
4.5: Service

Service

Each pod is assigned an IP address to make it reachable via the network, but the pods are considered ephemeral and may be deleted at any time.

To provide a stable way to address a set of pods (e.g. from a Deployment) we use a Service. There are a variety of kinds of services that provide access to pods from within or outside of the cluster.

Hands-On: Working with Services

We will create and examine multiple Services to understand their behavior.

1. Create a Namespace for the Examples

First, we'll create a namespace for these examples and set it as the default.

# task 01-create-namespace
# - Create a namespace for these examples and set as default
kubectl apply -f Namespace.yaml
kubens 04--service

2. Apply the Deployment Configuration

We need a set of pods to route traffic to. In this case we will use a deployment.

# task 02-apply-deployment
# - Apply the Deployment configuration
kubectl apply -f Deployment.yaml

3. ClusterIP Service

ClusterIP is the default type of Service.

It exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster.

💡 Note: The selector for the Service defines a set of labels (in this case baz: pod-label) that are used to identify the set of pods to route traffic to. This same label must be applied ot the pod (in this case from the Deployment template spec).

# Service.nginx-clusterip.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-clusterip
  labels:
    foo: service-label
  annotations:
    bar: service-annotation
spec:
  type: ClusterIP
  selector:
    baz: pod-label
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
# task 03-apply-clusterip-service
# - Apply the ClusterIP Service.
kubectl apply -f Service.nginx-clusterip.yaml

4. NodePort Service

A NodePort type Service exposes the Service on each Node's IP at a static port (the NodePort).

A ClusterIP Service, to which the NodePort Service routes, is automatically created. You'll be able to contact the NodePort Service from outside the cluster, using <NodeIP>:<NodePort>.

🚨 Note: You will need to ensure your firewall rules allow inbound traffic on the corresponding port(s) for a NodePort to work!"

# Service.nginx-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-nodeport
spec:
  type: NodePort
  selector:
    baz: pod-label
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
      # nodePort: 30XXX (if unset, Kubernetes will assign a port within 30000-32767)
# task 04-apply-nodeport-service
# - Apply the NodePort Service
kubectl apply -f Service.nginx-nodeport.yaml

5. LoadBalancer Service

A LoadBalancer type Service exposes the Service externally using a cloud provider's load balancer.

NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.

# Service.nginx-loadbalancer.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-loadbalancer
spec:
  type: LoadBalancer
  selector:
    baz: pod-label
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
# task 05-apply-loadbalancer-service
# - Apply the LoadBalancer Service
kubectl apply -f Service.nginx-loadbalancer.yaml

6. Delete the Namespace to Clean Up

Finally, clean up by deleting the namespace, which will also delete all resources within it.

# task 06-delete-namespace
# - Delete the namespace to clean up
kubectl delete -f Namespace.yaml