Why exposing Services in Kubernetes (k8s)

While working with Kubernetes, sooner or later you will need to call one application from the another. It’s obvious that we need a part of infrastructure which act as a Load Balancer and for the outside call we need also reverse proxy component. And this is where k8s Service and Ingress Controller come into play.

Maciej Back-end

15 January 2020

Service

You can consider Service object as your load balancer. In fact it creates a invariable virtual IP (service type None is an exception), then based on that IP, DNS record (Core DNS component in cluster) is created. By default load balancing is done in random manner.

We can distinguish the following service types:

Sometimes there is no need to load balancing your service. In that case you can create headless service by setting .spec.ClusterIP to None. Additional hop will not be introduced. The most common usage of the last is along with Statefulsets, when you need to deal with each replica separately.
 

Ingress Controller

It’s an abstract component that should be responsible for handling external call to your application. The most commonly used implementation is NGINX Ingress Controller.
It acts as a reverse proxy in our infrastructure, mapping incoming request to kubernetes services. All configurations are done by appropriate annotations in object definition (yaml configuration).
This is also the place where ssl termination should take place (be aware that Nginix Ingress Controller pass through option is disabled by default). Mutual SSL can be achieved as well.
To sum up:

Baner Baner

Your software development experts

We’re a team of experienced and skilled software developers – and people you’ll enjoy working with.

Start Your Project