Learning Kubernetes - Episode 18 - Introduction and Explanation of Service

#Introduction

Note

If you want to read the previous episode, you can click the Episode 17 thumbnail below

In the previous episode, we learned about working with multiple resources using the all keyword. In episode 18, we'll discuss Service, one of the most fundamental concepts in Kubernetes networking.

Note: Here I'll be using a Kubernetes Cluster installed through K3s.

Pods in Kubernetes are ephemeral - they can be created, destroyed, and recreated with different IP addresses. Service provides a stable endpoint for accessing Pods, abstracting away the dynamic nature of Pod IPs and enabling reliable communication between application components.

#What Is Service?

A Service in Kubernetes is an abstraction that defines a logical set of Pods and a policy for accessing them. Services enable network access to a set of Pods, providing a stable IP address and DNS name even as Pods are created and destroyed.

Think of Service like a load balancer with service discovery - it maintains a stable endpoint while automatically routing traffic to healthy Pods that match its selector. When Pods come and go, the Service automatically updates its list of endpoints.

Key characteristics of Service:

Stable endpoint - Provides consistent IP and DNS name
Load balancing - Distributes traffic across multiple Pods
Service discovery - Enables Pods to find each other via DNS
Label selector - Automatically discovers Pods with matching labels
Multiple types - ClusterIP, NodePort, LoadBalancer, ExternalName
Port mapping - Maps service ports to Pod ports
Session affinity - Optional sticky sessions

#Why Do We Need Service?

Service solves several critical networking challenges:

Dynamic Pod IPs - Pods get new IPs when recreated; Service provides stable endpoint
Load balancing - Distributes traffic across multiple Pod replicas
Service discovery - Applications can find each other using DNS names
Decoupling - Frontend doesn't need to know backend Pod IPs
External access - Exposes applications outside the cluster
Health checking - Only routes to healthy Pods
Port abstraction - Service port can differ from Pod port

Without Service, you would need to:

Track Pod IPs manually
Implement your own load balancing
Update configurations when Pods change
Handle Pod failures manually

#Service Types

Kubernetes provides four Service types:

Type of Service LB L4

#ClusterIP (Default)

Exposes Service on a cluster-internal IP. Service is only accessible within the cluster.

Use case: Internal communication between microservices

#NodePort

Exposes Service on each Node's IP at a static port. Makes Service accessible from outside the cluster.

Use case: Development, testing, or when LoadBalancer is unavailable

#LoadBalancer

Exposes Service externally using a cloud provider's load balancer.

Use case: Production external access in cloud environments

#ExternalName

Maps Service to an external DNS name.

Use case: Accessing external services with Kubernetes DNS

#Creating a ClusterIP Service

ClusterIP is the default Service type for internal cluster communication.

#Example 1: Basic ClusterIP Service

First, create a Deployment:

Apply the Deployment:

Create a ClusterIP Service:

Apply the Service:

Verify the Service:

Output:

The Service gets a stable ClusterIP (10.43.100.50) that won't change.

#Testing ClusterIP Service

Test the Service from within the cluster:

The Service load balances requests across all three nginx Pods.

#Service Discovery with DNS

Kubernetes automatically creates DNS records for Services.

#DNS Format

Services can be accessed using these DNS names:

Within same namespace:

plaintext

<service-name>

From different namespace:

plaintext

<service-name>.<namespace>

Fully qualified domain name (FQDN):

plaintext

<service-name>.<namespace>.svc.cluster.local

#Example: DNS Service Discovery

Frontend Pods can access this Service using:

backend (if in same namespace)
backend.production (from different namespace)
backend.production.svc.cluster.local (FQDN)

#Creating a NodePort Service

NodePort exposes Service on each Node's IP at a static port (30000-32767).

#Example: NodePort Service

Apply the Service:

Verify:

Output:

Access the Service from outside the cluster:

Important

Important: NodePort Services are accessible on ALL nodes in the cluster, even if the Pod isn't running on that node. Kubernetes routes traffic to the appropriate node.

#Creating a LoadBalancer Service

LoadBalancer creates an external load balancer (in supported cloud environments).

#Example: LoadBalancer Service

Apply the Service:

Verify:

Output (in cloud environment):

The EXTERNAL-IP is the public IP provided by the cloud load balancer.

Note

Note: LoadBalancer type requires cloud provider support (AWS, GCP, Azure). In local clusters like Minikube or K3s, you may need MetalLB or similar solutions.

If you are using K3s, Service with LoadBalancer type will automatically be handled by Klipper like this

#Port Configuration

#Port Fields

port: The port the Service listens on
targetPort: The port on the Pod (can be port number or name)
nodePort: The port on each Node (NodePort/LoadBalancer only)

#Example: Different Port Mapping

This Service:

Listens on port 80, forwards to Pod port 8080
Listens on port 443, forwards to Pod port 8443

#Using Named Ports

Define named ports in Pods:

Reference named ports in Service:

#Session Affinity

Control whether requests from the same client go to the same Pod.

#ClientIP Session Affinity

With sessionAffinity: ClientIP, requests from the same client IP go to the same Pod for the specified timeout (default 10800 seconds = 3 hours).

#Headless Service

A Service without a ClusterIP, used for direct Pod-to-Pod communication.

#Example: Headless Service

With clusterIP: None, DNS returns Pod IPs directly instead of a Service IP.

Use case: StatefulSets where each Pod needs a stable identity.

#Service Without Selector

Create a Service that doesn't automatically select Pods.

#Example: Manual Endpoints

Manually create Endpoints:

Use case: Accessing external services or databases outside Kubernetes.

#ExternalName Service

Map a Service to an external DNS name.

#Example: ExternalName Service

Pods can access external-api which resolves to api.example.com.

Use case: Abstracting external service URLs, making it easy to change them later.

#Practical Examples

#Example 1: Microservices Architecture

Frontend, backend, and database services:

#Example 2: Multi-Port Service

Application with HTTP and metrics endpoints:

#Example 3: Environment-Specific Services

Different services for different environments:

#Viewing Service Details

#Get Services

Or shorthand:

#Describe Service

Output shows:

#View Endpoints

Output:

Shows the actual Pod IPs the Service routes to.

#Common Mistakes and Pitfalls

#Mistake 1: Selector Mismatch

Problem: Service selector doesn't match Pod labels.

Solution: Ensure labels match exactly:

#Mistake 2: Wrong Target Port

Problem: targetPort doesn't match container port.

Solution: Verify container port:

#Mistake 3: Using LoadBalancer Locally

Problem: LoadBalancer pending in local clusters.

Solution: Use NodePort for local development or install MetalLB.

#Mistake 4: Not Checking Endpoints

Problem: Service has no endpoints.

Solution: Check if Pods are running and labels match:

#Mistake 5: Forgetting DNS Suffix

Problem: Can't access Service from different namespace.

Solution: Use full DNS name:

plaintext

<service-name>.<namespace>.svc.cluster.local

#Best Practices

#Use Meaningful Service Names

Choose clear, descriptive names:

#Always Set Resource Limits on Pods

Services route to Pods, so ensure Pods have resource limits:

#Use Named Ports

Makes configuration clearer:

#Implement Health Checks

Ensure Services only route to healthy Pods:

#Use ClusterIP for Internal Services

Don't expose internal services unnecessarily:

#Document Service Dependencies

Add annotations documenting dependencies:

#Conclusion

In episode 18, we've explored Service in Kubernetes in depth. We've learned what Services are, the different Service types, and how to use them for reliable application networking.

Key takeaways:

Service provides stable endpoint for accessing Pods
Four types: ClusterIP (internal), NodePort (node access), LoadBalancer (external), ExternalName (DNS mapping)
Uses label selectors to automatically discover Pods
Provides load balancing across multiple Pod replicas
Enables service discovery via DNS
ClusterIP is default and most common for internal communication
Port mapping allows Service port to differ from Pod port
Session affinity enables sticky sessions
Headless Services for direct Pod access
Always verify selector matches Pod labels
Check endpoints to ensure Service finds Pods

Service is fundamental to Kubernetes networking, enabling reliable communication between application components. By understanding Services, you can build robust, scalable microservices architectures with proper service discovery and load balancing.

Are you getting a clearer understanding of Service in Kubernetes? In the next episode 19, we'll discuss Ingress, which provides sophisticated HTTP/HTTPS routing to Services with features like host-based routing, path-based routing, and TLS termination. Keep your learning momentum going and look forward to the next episode!

Note

If you want to continue to the next episode, you can click the Episode 19 thumbnail below

Episode 19

Learning Kubernetes - Episode 18 - Introduction and Explanation of Service

Related Posts