Let us say we have a node. Every node will have its own IP address.
- Every pod inside the node will be assigned an internal IP address.
- Unlike docker, where IP is assigned to the container, in Kubernetes, IP is assigned to the POD.
- When Kubernetes is initially configured, an internal network is created & all pod’s will be attached to it.
- The pod’s can talk to each other using the internal IP address.
- The POD’S internal IP address can change when POD’S are recreated
So, it all works well when we have a single node. However, when we have more number of nodes, Kubernetes does not automatically setup any network as a part of process which brings up the cluster. ==Kubernetes expects the administrator to setup networking to meet certain fundamental requirements.==
- All containers/Pod’s in a Kubernetes cluster must be able to communicate to one another without NAT.
- All nodes & containers must be able to communicate with each other without NAT.
We don’t have to set this up all on our own, there are multiple pre-build solutions available that can help us meet these network requirements by Kubernetes
- Cisco ACI
- VMWare NSX
- Cilium
- Flannel
These networking solutions prevents duplication & by using simple routing techniques, they establish the communication.
below is a sample diagram
Kubernetes Services:
- Kubernetes services enable communication between various components within & outside of the application.
- Let us say, we have a Pod that servers as front end, another Pod that serves as Backend database & another set of Pod’s that are analytical. Services allow these Pod’s to communicate with each other.
- Services enable the front end application to be made available to the users, it helps in establishing external connectivity with datasource.
Now, Let us say that there is a Web Application running on a POD. how do i as a user access it ? It will by default be accessible from the node. but in most cases, the user cannot access the node thru SSH & would require the application to be available externally.
We can use a service called Node-Port Service. A service is just another Kubernetes object & one of the function of a NodePort service is to listen for a port & forward requests to the node on the port running the web application. This is very similar to the Port-Mapping we did for the Docker containers.
There are other kinds of services available too.
- Node Port Service
- Cluster IP Service
- Load Balancer Service
NodePort Service: The Valid range for a Nodeport is from 30000 to 32767
ClusterIP Service: The service creates a virtual IP inside the cluster to enable communication between different pods such as front end servers to backend servers
LoadBalancer Service: The service will provisions a load balancer to distribute load across the front end tier in supported cloud providers.
How to create a Service ?
Just like how we defined POD, Replicaset & Deployment earlier, We would have to define a Yaml file for service as well.
The Yaml file looks like below they key differences are noticed in the “kind” which is service & then in the spec, we have to define the type : which is either a clusterIp or Loadbalancer or Nodeport.
in case of a NodePort, we have to define the target port, port. & NodePort. The Target Port & Nodeport are optional. but Port is Mandatory. In case, a target port is not defined, then the same number as Port is assumed & in case nodeport is not defined, then a random port number is picked from a valid range.
But, we also need to specify for which POD we are trying to map this Service. This is done using the Selector Section. The labels in the selector section of the service needs to match with the labels declared for the POD.
apiVersion : v1
kind: Service
metadata:
name: myapp-service
spec:
type: NodePort
ports:
- targetPort: 80
port: 80
nodePort: 30008
selector:
app: myapp
type: front-endUse the kubectl create -f {file-name}.yml to create the service & use the kubectl get services command to get the list of services.
Now, let us say if there are multiple POD’s of the same type using the same labels. Then the service will by default load balance the traffic between them.
Finally, let us say if the pod’s are distributed across multiple nodes. then as well, we don’t have to do anything… Kubernetes automatically span’s the service across all the nodes in the cluster. Meaning, we can access the service using any IP of the Nodes.
