Services & Networking
Services
"Services" allows loose coupling between the microservices in our application.
Service Types
- NodePort: enable connections from outside of the Node to reach the pods inside that Node.
- ClusterIP: allows communications between pods.
- LoadBalancer: provisions load balancers to our application.
NodePort
Three ports involved:
- Actual Node's port -
nodePort
- Service's port -
port
- Pod's port -
targetPort
apiVersion: v1
kind: Service
metadata:
name: myapp-service
spec:
type: NodePort
selector:
app: myapp
tier: front-end
ports:
- nodePort: 30008
port: 80
targetPort: 80
Notes:
port
is the only mandatory field- if you don't provide a
targetPort
, it'll be the same asport
- if you don't provide a
nodePort
, it'll be a randomly choosen between 30000-32767. - the
ports
is an array, therefore you can have multiple mappings here.
ClusterIP
Allows communication between pods inside a cluster
apiVersion: v1
kind: Service
metadata:
name: backend
spec:
type: ClusterIP
selector:
app: myapp
type: back-end
ports:
- targetPort: 80
port: 80
Ingress Networking
Ingress helps your users to access your application through a single URL.
Ingress Controller - Ingress Resources
You do not have an Ingress Controller in kubernetes by default, so you must deploy one.
Ingress Controller
This NginX image can be used as an Ingress Controller: https://quay.io/repository/kubernetes-ingress-controller/nginx-ingress-controller
Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-ingress-controller
spec:
replicas: 1
selector:
matchLabels:
name: nginx-ingress
template:
metadata:
labels:
name: nginx-ingress
spec:
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
args:
- /nginx-ingress-controller
- --configmaps=$(POD_NAMESPACE)/nginx-configuration
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
Some settings must be in a ConfigMap
Service
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
- port: 443
targetPort: 443
protocol: TCP
name: https
selector:
name: nginx-ingress
Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
It must have configs for Roles
, ClusterRoles
and RoleBindings
.
Ingress Resources
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-wear
spec:
backend:
serviceName: wear-service
servicePort: 80
Ingress rules
Based on path:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-wear-watch
spec:
rules:
- http:
paths:
- path: /wear
backend:
serviceName: wear-service
servicePort: 80
- path: /watch
backend:
serviceName: watch-service
servicePort: 80
Based on the domain:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-wear-watch
spec:
rules:
- host: wear.my-online-store.com
http:
paths:
- backend:
serviceName: wear-service
servicePort: 80
- host: watch.my-online-store.com
http:
paths:
- backend:
serviceName: watch-service
servicePort: 80