Kubernetes services enable communication between various components within and outside of the application. They help us connect applications with other applications or users. Let's assume our application has groups of pods running various sections: one group serving the front-end load to users, another group running back-end processes, and a third group connecting to an external data source.
It is services that enable connectivity between these groups of pods. Services make the front-end application available to end users, help communication between back-end and front-end pods, and help establish connectivity to an external data source.
Let's further discuss one use case of services. We deployed a pod with a web application running on it. How do external users access the web page?
The Kubernetes node has the IP address 192.168.1.2, and the host machine, which is on the same network, has the IP address 192.168.1.10. The internal pod network is 10.244.0.0 and the pod has the IP 10.244.0.2.
Clearly we cannot ping or access the pod at address 10.244.0.2, as it is in a separate network.
So what are the options to see the web page? First, we could SSH into the Kubernetes node at 192.168.1.2. From the node, we would be able to access the pod's web page with curl or, if the node has a GUI, by opening a web browser and going to http://10.244.0.2. But this is from inside the Kubernetes node, which is not what we need.
We want to access the web server externally, without having to SSH into the node, simply by accessing the IP of the Kubernetes node. We need something in the middle to help us map requests from our laptop, through the node, to the pod running the web container.
This is where Kubernetes services come into play.
The Kubernetes service is an object just like pods, replica sets or deployments. One of its use cases is to listen on a port on the node and forward requests on that port to a pod running the web application. This type of service is known as a NodePort service, because the service listens on a port on the node and forwards requests to the pods.
There are other kinds of services available.
- NodePort - The service makes an internal pod accessible on a port on the node.
- ClusterIP - The service creates a virtual IP inside the cluster to enable communication between different services, such as a set of front-end servers and a set of back-end servers.
- LoadBalancer - The service provisions a load balancer for our application in a supported cloud provider.
Let's discuss NodePort.
We discussed external access to the application and how the service can help us map a port on the node to a port on the pod. If we take a closer look, we will see there are three ports involved.
- 80 - the port on the pod where the web service is running, i.e. the target port.
- 80 - the port on the service itself.
- 30080 - the port on the node itself, which we use to access the web server. Node ports can only be in a valid range, which by default is 30000 to 32767.
So far we talked about the service being mapped to a single pod. That is not the case all the time. What if we have multiple pods? In a production environment, multiple instances of the web application run for high availability, so we have multiple similar pods running our web application. When the service is created, it looks for pods with the matching label and automatically selects all of them as endpoints to forward the external requests to. You do not have to do any additional configuration to make this happen.
Even when the pods are distributed across different nodes, the service distributes the load without us having to do any additional configuration.
This way you can access the application using the IP of any node in the cluster and using the same port number.
In any case, whether it is a single pod on a single node, multiple pods on a single node, or multiple pods on multiple nodes, the service is created in exactly the same way, without any additional steps during service creation. When pods are removed or added, the service is automatically updated, making it highly flexible and adaptive.
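The three ports and the label-based pod selection described above, written out as a manifest. This is an added example, not part of the original article; the names `web-deployment` and `web-service`, the label `app: web` and the `nginx` image are assumptions chosen for illustration.

```yaml
# Added example: names, labels and image are assumptions, not from the article.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-deployment
spec:
  replicas: 3                 # multiple similar pods for high availability
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web              # the label the service selects on
    spec:
      containers:
        - name: web
          image: nginx        # assumed web server image listening on port 80
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web-service
spec:
  type: NodePort
  selector:
    app: web                  # every pod carrying this label becomes an endpoint,
                              # on whichever node it is scheduled
  ports:
    - targetPort: 80          # port on the pod where the web server listens
      port: 80                # port on the service itself
      nodePort: 30080         # opened on every node; default range 30000-32767
```

With the addresses used in this article, the page is then reachable from the host machine at http://192.168.1.2:30080, and `kubectl get endpoints web-service` lists the pod IPs the selector matched. Because the node port is opened on every node in the cluster, the set of labels in `selector` is what decides which pods receive that external traffic.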