Kubernetes- Diving in- Part 2 (Services)

Updated: Jan 15, 2021

    

Note: If you have missed my previous articles on Docker and Kubernetes, you can find them here.
Application deployment models evolution.
Getting started with Docker.
Docker file and images.
Publishing images to Docker Hub and re-using them
Docker- Find out what's going on
Docker Networking- Part 1
Docker Networking- Part 2
Docker Swarm-Multi-Host container Cluster
Docker Networking- Part 3 (Overlay Driver)
Introduction to Kubernetes
Kubernetes- Diving in (Part 1)

In Part 1 I gave an overview of the Kubernetes cluster, how to deploy a multinode cluster, and run a deployment with multiple replicas. In this article, I am going to describe service which is another abstraction in Kubernetes.

A service is an external endpoint for a PoD. Users access the PoD using the service IP address. For instance, for PoD/deployment with httpd container, we have to create a service exposing port 80 to allow users to access the server. There are four basic service types in Kubernetes:

Cluster IP (Default): Default service created when you create a deployment. Nodes within a cluster can access the service with this IP, but external users cannot use this IP to access the service

root@sathish-vm1:/home/sathish# kubectl get all
NAME                          READY   STATUS              RESTARTS   AGE
pod/my-web-79bff47dc8-56d6b   1/1     Running             0          35s
pod/my-web-79bff47dc8-94xmk   1/1     Running             0          12s
pod/my-web-79bff47dc8-dtbhf   0/1     ContainerCreating   0          12s

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   5m56s

From VM2

root@sathish-vm2:/home/sathish# wget https://10.96.0.1:443 --no-check-certificate
--2020-09-28 12:58:58--  https://10.96.0.1/
Connecting to 10.96.0.1:443... connected.
WARNING: cannot verify 10.96.0.1's certificate, issued by ‘CN=kubernetes’:
  Unable to locally verify the issuer's authority.

NodePort: When NodePort service is created, a port is allocated (high port number) on each node of the cluster that maps to service port (80/443 in case of web). Users can access the service with the IP address of the node and high port number.

LoadBalancer: This is typically used in cloud deployment and service type is used to control an external load balancer provided by the cloud.

ExternalName: Service is mapped to a name with a DNS CNAME record.

To try services, I am going to create a deployment of my trusted friend apache service and scale it to 5 replicas.

root@sathish-vm1:/home/sathish# kubectl create deployment my-web --image=httpd --port=80

root@sathish-vm1:/home/sathish# kubectl scale deploy/my-web --replicas 5
deployment.apps/my-web scaled

root@sathish-vm1:/home/sathish# kubectl get pods
NAME                      READY   STATUS    RESTARTS   AGE
my-web-79bff47dc8-56d6b   1/1     Running   0          24m
my-web-79bff47dc8-94xmk   1/1     Running   0          23m
my-web-79bff47dc8-bqn95   1/1     Running   0          2m37s
my-web-79bff47dc8-gkj8m   1/1     Running   0          2m37s
my-web-79bff47dc8-s6gkr   1/1     Running   0          2m37s

Now I am going to create a Nodeport service to allow access from external networks

root@sathish-vm1:/home/sathish# kubectl expose deploy/my-web --port 80 --name externaccess --type NodePort
service/externaccess exposed

root@sathish-vm1:/home/sathish# kubectl get service
NAME           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
externaccess   NodePort    10.99.185.7   <none>        80:32300/TCP   88s
kubernetes     ClusterIP   10.96.0.1     <none>        443/TCP        96m
The high port number gets translated to port  80 on each PoD automatically. Now I am going to try accessing it with the PoD IP.

NodePort is sourceNATed to the interface IP address. By accessing http://<VMIP>:32300, I should be able to access the webserver.

root@sathish-vm1:/home/sathish# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:db:46:5a brd ff:ff:ff:ff:ff:ff
    inet 172.28.147.44/28 brd 172.28.147.47 scope global eth0
root@sathish-vm1:/home/sathish# wget 172.28.147.44:32300
--2020-09-28 14:25:49--  http://172.28.147.44:32300/
Connecting to 172.28.147.44:32300... connected.
HTTP request sent, awaiting response... 200 OK
Length: 45 [text/html]
Saving to: ‘index.html.10’

index.html.10                 100%[=================================================>]      45  --.-KB/s    in 0s

2020-09-28 14:25:49 (8.94 MB/s) - ‘index.html.10’ saved [45/45]

Trying it from another PC and bingo It Works!!

Hope this was helpful. Have a fantastic week!!

Quick intro to Docker, Kubernetes and latest network tech

Kubernetes- Diving in- Part 2 (Services)

Recent Posts

Comments

Never Miss a Post. Subscribe Now!