Sathish Kumar

Kubernetes- Diving in- Part 2 (Services)

Updated: Jan 15, 2021



In Part 1, I gave an overview of the Kubernetes cluster, how to deploy a multinode cluster, and how to run a deployment with multiple replicas. In this article, I am going to describe the service, which is another abstraction in Kubernetes.


A service is an external endpoint for a Pod. Users access the Pod using the service IP address. For instance, for a Pod/deployment with an httpd container, we have to create a service exposing port 80 to allow users to access the server. There are four basic service types in Kubernetes:


Cluster IP (Default): The default service created when you create a deployment. Nodes within the cluster can access the service with this IP, but external users cannot use this IP to access the service.


root@sathish-vm1:/home/sathish# kubectl get all
NAME                          READY   STATUS              RESTARTS   AGE
pod/my-web-79bff47dc8-56d6b   1/1     Running             0          35s
pod/my-web-79bff47dc8-94xmk   1/1     Running             0          12s
pod/my-web-79bff47dc8-dtbhf   0/1     ContainerCreating   0          12s

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   5m56s

From VM2

root@sathish-vm2:/home/sathish# wget https://10.96.0.1:443 --no-check-certificate
--2020-09-28 12:58:58--  https://10.96.0.1/
Connecting to 10.96.0.1:443... connected.
WARNING: cannot verify 10.96.0.1's certificate, issued by ‘CN=kubernetes’:
  Unable to locally verify the issuer's authority.

NodePort: When a NodePort service is created, a port (a high port number) is allocated on each node of the cluster and mapped to the service port (80/443 in the case of web). Users can access the service with the IP address of the node and the high port number.


LoadBalancer: This is typically used in cloud deployments; the service type is used to control an external load balancer provided by the cloud.


ExternalName: The service is mapped to a name with a DNS CNAME record.


To try out services, I am going to create a deployment of my trusted friend, the Apache service, and scale it to 5 replicas.



root@sathish-vm1:/home/sathish# kubectl create deployment my-web --image=httpd --port=80

root@sathish-vm1:/home/sathish# kubectl scale deploy/my-web --replicas 5
deployment.apps/my-web scaled

root@sathish-vm1:/home/sathish# kubectl get pods
NAME                      READY   STATUS    RESTARTS   AGE
my-web-79bff47dc8-56d6b   1/1     Running   0          24m
my-web-79bff47dc8-94xmk   1/1     Running   0          23m
my-web-79bff47dc8-bqn95   1/1     Running   0          2m37s
my-web-79bff47dc8-gkj8m   1/1     Running   0          2m37s
my-web-79bff47dc8-s6gkr   1/1     Running   0          2m37s

Now I am going to create a NodePort service to allow access from external networks.




root@sathish-vm1:/home/sathish# kubectl expose deploy/my-web --port 80 --name externaccess --type NodePort
service/externaccess exposed

root@sathish-vm1:/home/sathish# kubectl get service
NAME           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
externaccess   NodePort    10.99.185.7   <none>        80:32300/TCP   88s
kubernetes     ClusterIP   10.96.0.1     <none>        443/TCP        96m

The high port number gets translated to port 80 on each Pod automatically. Now I am going to try accessing it with the Pod IP.

NodePort is source-NATed to the interface IP address. By accessing http://<VMIP>:32300, I should be able to access the web server.



root@sathish-vm1:/home/sathish# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:db:46:5a brd ff:ff:ff:ff:ff:ff
    inet 172.28.147.44/28 brd 172.28.147.47 scope global eth0
root@sathish-vm1:/home/sathish# wget 172.28.147.44:32300
--2020-09-28 14:25:49--  http://172.28.147.44:32300/
Connecting to 172.28.147.44:32300... connected.
HTTP request sent, awaiting response... 200 OK
Length: 45 [text/html]
Saving to: ‘index.html.10’

index.html.10                 100%[=================================================>]      45  --.-KB/s    in 0s

2020-09-28 14:25:49 (8.94 MB/s) - ‘index.html.10’ saved [45/45]


Trying it from another PC, and bingo, it works!!
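
Because a NodePort service opens the same high port on every node, it helps to list which services in a namespace are reachable from outside the cluster. The script below is an added example, not part of the original article: it parses the table printed by `kubectl get service` and reports each service port to node port mapping. The function names and the `demo-multi` row are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: find Services that are exposed beyond the cluster
# (NodePort / LoadBalancer) and show which node port each one opens.

# Reads the default `kubectl get service` table on stdin.
# Prints one line per exposed port:
#   <name> <type> <servicePort> <nodePort> <protocol>
exposed_services() {
  awk '
    NR == 1 { next }                              # skip the header row
    $2 == "NodePort" || $2 == "LoadBalancer" {
      n = split($5, ports, ",")                   # PORT(S) can hold several entries
      for (i = 1; i <= n; i++) {
        split(ports[i], pp, "/")                  # "80:32300" and "TCP"
        if (split(pp[1], sn, ":") == 2)           # servicePort:nodePort
          print $1, $2, sn[1], sn[2], pp[2]
      }
    }'
}

# Constructed sample: the service table shown in this article, plus one
# hypothetical multi-port row (demo-multi) to exercise the comma case.
sample_table() {
  cat <<'EOF'
NAME           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
externaccess   NodePort    10.99.185.7   <none>        80:32300/TCP   88s
kubernetes     ClusterIP   10.96.0.1     <none>        443/TCP        96m
demo-multi     NodePort    10.99.0.50    <none>        80:30080/TCP,443:30443/TCP   5s
EOF
}

# Offline run on the sample. On a live cluster use instead:
#   kubectl get service | exposed_services
sample_table | exposed_services
```

Every line it prints is a port that answers on each node's IP address, so those are the ports to account for in node firewall rules.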



Hope this was helpful. Have a fantastic week!!






