what is service?
A service in Kubernetes is a resource that provides access to a set of pods. It acts as an abstraction layer between the pods and the user, allowing the user to access the pods without having to know the details of the underlying infrastructure. Services also provide load balancing and health-checking features, making it easier to manage the underlying pods.
A service in Kubernetes is a logical set of pods, which works together. With the help of services, users can easily manage load-balancing configurations.
Types of services:
cluster IP:
Cluster IP is a Kubernetes service type that provides a stable IP address for the service. This IP address is used by clients to send requests to the service and is accessible only within the cluster. Cluster IP services are typically used for internal services that are not accessible from outside the cluster.
load balancer:
A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across several servers. Load balancers are used to improve application performance by decreasing the load on servers and improving availability. In Kubernetes, a load balancer is created when a service of type LoadBalancer is created. The load balancer will then route traffic to the correct pods.
node port:
NodePort is a type of service in Kubernetes that allows external traffic to access services running on the cluster through a specific port on each node of the cluster. NodePort is the simplest way to get external traffic directly to your service.
external name:
ExternalName is a type of alias that can be used to access a service without needing to know its IP address or port.
Let's Do Make a Service
vim service.yaml
kubectl get svc -n react-django-app
where,
svc - service
-n = namespace
this ip is k8s cluster ip not my ubuntu ip
minikube service django-todo-service -n react-django-app --url
What is Ingress?
Ingress is a way of allowing external traffic to access services running in a Kubernetes cluster. It is responsible for routing traffic to the correct services based on the URL, hostname, and/or IP address. It is used to provide access control and authentication for services running in the cluster.
In Kubernetes, an Ingress is an object that allows access to your Kubernetes services from outside the Kubernetes cluster.
vim ingress.yaml
kubectl apply -f ingress.yaml
sudo vim /etc/hosts
Kubernetes network policy
Kubernetes network policy is a way to control and regulate traffic flow between different parts of your Kubernetes cluster. It allows you to define rules that specify how traffic should be allowed or blocked based on various criteria such as the source and destination pods, IP addresses, and ports.
In simpler terms, imagine you have a busy intersection with different types of vehicles (e.g., cars, trucks, bicycles) and pedestrians crossing. Kubernetes network policy is like a traffic cop that enforces rules on who can go where and when. For example, it can ensure that only certain types of vehicles can use a particular lane or that pedestrians can only cross at designated crossings. This helps to ensure safety and efficient traffic flow in the intersection.
Similarly, Kubernetes network policy helps to ensure secure and efficient communication between different parts of your Kubernetes cluster by defining rules that govern traffic flow. This can help to prevent unauthorized access, reduce the risk of attacks, and optimize network performance.
Types of Network Policies:
Ingress: This type of network policy allows incoming traffic from external sources into the Kubernetes cluster. It defines rules for incoming traffic to reach specific services and pods within the cluster.
Egress: Egress network policies define rules for outgoing traffic from the Kubernetes cluster to external sources. It controls which pods or services within the cluster are allowed to communicate with external sources.
Cluster: Cluster network policies are applied to all the pods within the Kubernetes cluster. It provides a way to restrict or allow communication between pods in the cluster.
Namespace: Namespace network policies are applied to a specific namespace within the cluster. It defines the rules for traffic entering or leaving the pods in that namespace.
Service: Service network policies apply to traffic that is coming to or going from a specific Kubernetes service. It helps to restrict or allow communication to that service from the pods within the cluster.
What is DNS?
DNS stands for Domain Name System, which is a hierarchical naming system used to translate domain names (such as www.example.com) into IP addresses (such as 192.0.2.1) that can be understood by computer networks.
In Kubernetes, DNS is used to provide a way for services and pods to discover each other by their domain names. Each Kubernetes cluster has a built-in DNS service that can be used to resolve domain names to IP addresses within the cluster.
For example, if a pod wants to communicate with a service called "my-service" in the same namespace, it can simply use the domain name "my-service" and the Kubernetes DNS service will resolve it to the IP address of the service.
DNS in Kubernetes is a crucial component for enabling communication between different parts of the cluster and ensuring that applications can be easily accessed and scaled up or down without disrupting their connectivity.
What are CNI plugins?
CNI (Container Networking Interface) plugins are small software programs that allow containers running on a host to communicate with each other and with the outside world.
When a container is created, it needs to be connected to a network so that it can communicate with other containers or services outside of the container environment. The CNI plugin is responsible for setting up the network connection between the container and the host or other containers.
Thank you for reading this blogπ
I hope it helps π
β Safia Khatoon
Happy Learning π