Well, we have a service running in replicas on several nodes
But is not reachable
We can expose its ports like
we would have made on Podman, right?
When we work directly with a container engine we statically write rules to bind ports between the container and the host
Unluckily we do not have a single container,
we have several replicas of it
The fact that these containers are volatile
(node dies, container dies) does not help us
We need an additional component to deal with this issue
Services are thought for this purpose
A service defines a strategy to bind an external port
to a resource (e.g deployment)
There are 4 types of native service
ClusterIp
NodePort
LoadBalancer
ExternalName
Services work exploiting a labeling system
When we deploy a resource we can associate to
this a list of key/value labels
Then when we will create the service we will provide
a selector based on these labels
The service routes the traffic to the pods
which expose the targets labels
Labels/selectors is convenient when we define the resources as yaml specifications and then apply them
Alternatively a command exists to do this for us
kubectl expose RESOURCE_TYPE RESOURCE_NAME --type=SERVICE_TYPE --port=PORT
expose
We want to expose the TCP port 80
of our deployment on each cluster node
kubectl expose deployment nginx --type=NodePort --port=80
service/nginx exposed
Let us check the new service
kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
nginx NodePort 10.110.73.33 <none> 80:31878/TCP 8m7s
We can identify a build-in service for the kube-api
,
and the service we required
Now, we try to reach the service
curl 172.17.0.3:31878
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
[...]
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
[...]
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
n.b. we defined the service as NodePort
so we can use any node IP to reach the service