Service and Ingress in Kubernetes

In the dynamic world of Kubernetes, services play a pivotal role in facilitating communication between various components within and outside an application. Kubernetes services help connect applications with each other and with users, ensuring smooth and reliable interactions.

🗼Understanding Kubernetes Services

A primary use case for a Kubernetes service is to listen to a pod on a node and forward requests to a pod running the web application. This type of service, known as a Node-Pod service, acts like a virtual server within a node, complete with its own IP address. By doing so, it abstracts the complexities of pod management, enabling easier and more efficient inter-component communication.

🗼Types of Kubernetes Services

NodePort

The NodePort service makes a pod accessible on a specific port on the node. Essentially, it opens a port on each node in the cluster and forwards traffic from that port to the service. This allows external access to the webserver through the node's IP address and the designated NodePort.

Example:

Suppose you have a web application running on a pod, and you want to make it accessible externally. You can define a NodePort service in your deployment YAML file as follows:

apiVersion: v1
kind: Service
metadata:
  name: my-nodeport-service
spec:
  type: NodePort
  selector:
    app: my-web-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
      nodePort: 30007

This configuration will expose the web application running on port 8080 of the pod through port 30007 on each node in the cluster.

Cluster IP

Cluster IP is the default service type in Kubernetes. It creates a virtual IP address that is only accessible within the cluster. This service type is crucial for communication between different services within the cluster, such as connecting frontend servers to backend servers.

Example:

Consider you have a frontend service that needs to communicate with a backend service. You can define a Cluster IP service for the backend as follows:

apiVersion: v1
kind: Service
metadata:
  name: backend-service
spec:
  selector:
    app: backend
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8000

The frontend pods can now communicate with the backend service using the service name backend-service and port 80.

LoadBalancer

For clusters running on cloud providers, the LoadBalancer service provisions an external load balancer that distributes traffic across multiple pods. This is essential for handling incoming traffic efficiently and ensuring high availability and reliability.

Example:

If you want to expose your application to the internet and balance the load across multiple instances, you can define a LoadBalancer service as follows:

apiVersion: v1
kind: Service
metadata:
  name: my-loadbalancer-service
spec:
  type: LoadBalancer
  selector:
    app: my-web-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080

This configuration will create an external load balancer that routes traffic to the pods running your web application on port

🗼Ingress

Ingress in Kubernetes goes beyond basic services by offering a way to manage external access to your services, typically HTTP. It provides a single entry point to your application and can route traffic to different services based on the URL path, while also offering SSL termination for secure connections.

Key Features of Ingress:

  • Load Balancing: Ingress can distribute incoming traffic to multiple backend services.

  • SSL Termination: It can handle SSL/TLS termination, simplifying the process of securing your application.

  • Name-Based Virtual Hosting: Ingress supports routing based on the hostname, allowing multiple domains to be managed by the same cluster.

Example:

Imagine you have two services, frontend-service and backend-service, and you want to route traffic based on the URL path. You can define an Ingress resource as follows:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /frontend
            pathType: Prefix
            backend:
              service:
                name: frontend-service
                port:
                  number: 80
          - path: /backend
            pathType: Prefix
            backend:
              service:
                name: backend-service
                port:
                  number: 80

With this configuration, requests to myapp.example.com/frontend will be routed to frontend-service, and requests to myapp.example.com/backend will be routed to backend-service.

🗼Conclusion

Kubernetes services, whether NodePort, Cluster IP, or LoadBalancer, are fundamental to building scalable and resilient applications. They abstract the complexities of networking, making it easier to connect and manage various components of your application. Ingress further enhances these capabilities by providing advanced traffic management features, ensuring your applications are not only accessible but also secure and efficiently managed. By leveraging these tools, you can build robust, scalable, and secure applications that meet the demands of modern cloud-native environments.

Did you find this article valuable?

Support Ashutosh Mahajan's blog by becoming a sponsor. Any amount is appreciated!