prime objectives

1. Introduction
2. Understanding the kubernetes networking
3. Understanding different types of services
4. Implementing the services in a practical way
5. Accessing the applications on our browser
6. Question/answers
 Networking in Kubernetes
The Kubernetes network model specifies:
Every pod gets its own IP address
Containers within a pod share the pod IP address and
can communicate freely with each other.
Pods can communicate with all other pods in the
cluster using pod IP addresses.
Isolation (restricting what each pod can communicate
with) is defined using network policies
 Networking in a single node

10.40.0.1 10.40.0.2

10.40.0.0

ETH0 = Ethernet
192.168.122.224
BR0 = Bridge
VETH0 = Virtual Ethernet
 Networking in Multiple nodeS

10.40.0.1 10.40.0.2 10.36.0.1 10.36.0.2

10.40.0.0 10.36.0.0

192.168.122.128 192.168.122.129
192.168.122.127
Master Node

ETH0 = Ethernet
BR0 = Bridge
VETH0 = Virtual Ethernet
 Concept of pod networking
For example::
Our cluster consist of total 3 nodes (1 master & 2 worker nodes), The default network
interface eth0 on Worker Node 1 have the following IP Address: 192.168.122.224

But for the Pods it creates a Bridge with the IP Address : 10.40.0.0 and through that
IP Address it creates a network within the network
 Networking in Multiple nodes
So when we schedule 3 Pods on the Worker 1 node it gets the following IP Range:
10.40.0.1-3 since they're within the same network the pods can now communicate
with each other. The is also ping-able and accessible from within the Cluster but if the
pod crashes or restart for some reason the IP Address of the Pod will eventually
change.

How nodes communicate with each other?

Kubernetes by default creates a network called Cluster Network. Which enables the
nodes to communicate with each other easily. But for you to access the resources
from outside the cluster you have to use services.
 Services in Kubernetes
What are Services?
Service is a abstract way to expose an application running on a set of Pods as a
network service.
With Kubernetes you don't need to modify your application to use an
unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP
addresses and can load-balance across them
Types of Kubernetes Services:
1. ClusterIP
2. NodePort
3. LoadBalancer
4. Externalname
 CLUSTER-IP SERVICE
How does ClusterIP Service works ?
ClusterIP is the default Service Type. It makes the
Service only reachable from within the cluster and
allows applications within the cluster to
communicate with each other. There is no external
access but Kubernetes Proxy is an exception to it.

Note: You can access the ClusterIP service from

outside your cluster by using the Kubernetes Proxy
but It is not recommended to use it for production
environment so we're not going to use it.
 CLUSTER-IP SERVICE
Creating a Cluster-IP Service
There are quiet a few ways to create a Cluster-IP Service which includes:
Using the "kubectl create service clusterip" command.
Using the "kubectl expose <resource-type> <name>" command.
Using the YAML file
Using the Create Service Command
kubectl create service clusterip <service-name> --tcp=<service-port>:<target-port>
For example:
kubectl create service clusterip nginx-svc --tcp=8080:80
Note: This will not use the pods labels as selectors, instead it will assume selectors as app=nginx
 Creating CLUSTER-IP SERVICE
Adding the Selectors
To add the selectors you'll have to dry-run the service and get the output in YAML
file using the flags, or you can just edit the service using the "kubectl edit"
command and insert the selectors by yourself.
Using the dry-run flag:
kubectl create svc clusterip nginx-svc --tcp=8080:80 --dry-run=client -o yaml > svc.yaml

Now open the svc.yaml file and add the labels of your pods in the selector field
that your want to expose. Apply the yaml file using the following command:
"kubectl apply -f svc.yaml" OR "kubectl create -f svc.yaml"
 Creating CLUSTER-IP SERVICE
Using the Kubectl Expose Command
Kubectl expose command lets you expose your resources using a single command.
The command looks something like this:
kubectl expose <resource-type> <resource-name> --name=<service-name> --port=80 --target-port=80

So after writing "kubectl expose" you have to define the resource-type and the name
of the resource which you want to expose. And after defining the resource you can
define the name of the service which could be anything but if you don't define a
name it's automatically going to give it a name randomly. Now the main part, The
service port and the targeted container port.
For Example:
Creating CLUSTER-IP SERVICE
Example of Cluster-IP Service YAML File.
 nODE-PORT SERVICE
How does Node-Port Service works ?
The NodePort type is an extension of the ClusterIP
type. Node-Port Service Exposes the Service on
each Node's IP at a static port (the NodePort).
The port range of nodeport service is:
30000-32767 (TCP/UDP Both)

Note: The administrator must ensure the external

IPs are routed to the nodes and local firewall rules
on all nodes allow access to the open port.
nODE-PORT SERVICE
 node-port SERVICE
Creating a Node-Port Service
Few ways to create a Node-Port:
Using the "kubectl create service nodeport" command.
Using the "kubectl expose <resource-type> <name>" command.
Using the YAML file
Using the Create Service Command
kubectl create service nodeport nginx-svc --tcp=8080:80 --node-port=30011
Note: This will not use the pods labels as selectors, instead it will assume selectors as app=nginx

After creating the service you can edit the service to add the selectors using the
"kubectl edit service <service-name>" command.
 Creating nodeport SERVICE
Using the Kubectl Expose Command
Kubectl expose command lets you expose your resources using a single command.
The command looks something like this:
kubectl expose pod nginx --name=httpd-svc --port=80 --target-port=80 --type=NodePort

The only extra thing that we've added is the service type in the command mentioned
above, because the default service type is ClusterIP and to expose a NodePort
service we have to define the service type using the --type flag.
Note: Exposing a service using this way will automatically assign the Node Port, To
change the port you can edit the service manually.
Testing the Service
Creating nodeport SERVICE
Example of NodePort Service YAML File.
 LOADBALANCER SERVICE
How does Load-Balancer Service works ?
This ServiceType exposes the Services externally using
the cloud provider's load balancer. Traffic from the
external load balancer is directed to the backend Pods.
The cloud provider decides how it is load-balanced.

LoadBalancer type provides a Public IP address or DNS

name to which the external users can connect. The
traffic flows from the LoadBalancer to a mapped
service on a designated port, which eventually forwards
it to the healthy pods. Note that LoadBalancers doesn’t
have a direct mapping to the pods.
LOADBALANCER SERVICE
Example of Load-Balancer Service YAML
 Externalname SERVICE
How does ExternalName Service works ?
To be able to access an application that lives outside of a kubernetes cluster,
we use a service called externalName. The externalName gives us more
flexibility, since we access the external application through it and not
directly.
Externalname SERVICE
Example of External-Name Service YAML
Thank you for being a part
of this amazing journey!
-AAREEZ ASIF

Special Thanks to