Kubernetes Services: Understanding Request Flow
Understand ClusterIP, NodePort, LoadBalancer, and Ingress.
Understanding Kubernetes Services & Request Flow
When you deploy an application in Kubernetes, how do you make it accessible? That’s where Kubernetes Services come in.
Let’s break down the four main service types—ClusterIP, NodePort, LoadBalancer, and Ingress—and how a request flows through them.
1. ClusterIP (Default)
Use case: Internal-only communication between pods.
Request Flow:
A pod sends a request to a service name like my-service.
DNS (via CoreDNS) resolves it to the ClusterIP.
The kube-proxy on each node maintains iptables/ipvs rules to route the request to one of the backend pods.
Key Point: Not accessible from outside the cluster.
2. NodePort
Use case: Expose your app on a static port on each node's IP.
Request Flow:
External client sends a request to <NodeIP>:<NodePort>.
kube-proxy routes this to the corresponding pod using iptables/ipvs.
The node doesn’t need to host the pod—kube-proxy forwards it appropriately.
Key Point: Still limited to the cluster’s node IPs; not cloud-native or scalable.
3. LoadBalancer
Use case: Expose services externally using a cloud provider’s load balancer.
Request Flow:
External request hits the cloud load balancer.
Load balancer forwards it to one of the cluster nodes via the NodePort.
kube-proxy sends it to a healthy pod.
Key Point: Ideal for production-grade apps, but only works with cloud-native clusters (e.g., EKS, GKE, AKS).
4. Ingress (and Ingress Controller)
Use case: Expose multiple services over HTTP/HTTPS using a single IP.
Request Flow:
Ingress Controller (like NGINX or Kong) is exposed via a LoadBalancer or NodePort.
External request hits the ingress endpoint.
Based on host/path rules, it routes traffic to appropriate services (ClusterIP).
Key Point: Offers routing, TLS termination, path rewriting—acts like an API Gateway.
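The four request flows above also tell you which Services a request from outside the cluster can reach. The following added example (not code from the original article) lists those entry paths per Service; the function name `external_exposure` and the sample objects are constructed for illustration, and the input is assumed to have the shape of `kubectl get svc,ingress -A -o json` output.

```python
import json

# Constructed sample, shaped like `kubectl get svc,ingress -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"kind": "Service", "metadata": {"namespace": "shop", "name": "db"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 5432}]}},
 {"kind": "Service", "metadata": {"namespace": "shop", "name": "web"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 80}]}},
 {"kind": "Service", "metadata": {"namespace": "shop", "name": "debug"},
  "spec": {"type": "NodePort", "ports": [{"port": 8080, "nodePort": 30080}]}},
 {"kind": "Service", "metadata": {"namespace": "edge", "name": "ingress-nginx"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 443, "nodePort": 31443}]},
  "status": {"loadBalancer": {"ingress": [{"ip": "203.0.113.10"}]}}},
 {"kind": "Ingress", "metadata": {"namespace": "shop", "name": "shop"},
  "spec": {"tls": [{"hosts": ["shop.example.com"]}],
           "rules": [{"host": "shop.example.com", "http": {"paths": [
             {"path": "/", "backend": {"service": {"name": "web"}}}]}}]}}
]}
""")

def external_exposure(items):
    """Map 'namespace/name' of each Service to the ways an outside request reaches it."""
    paths = {}
    for obj in (o for o in items if o["kind"] == "Service"):
        meta, spec = obj["metadata"], obj["spec"]
        found = paths.setdefault(f"{meta['namespace']}/{meta['name']}", [])
        kind = spec.get("type", "ClusterIP")  # ClusterIP is the default type
        if kind == "LoadBalancer":
            for lb in obj.get("status", {}).get("loadBalancer", {}).get("ingress", []):
                found.append(f"loadbalancer:{lb.get('ip') or lb.get('hostname')}")
        if kind in ("NodePort", "LoadBalancer"):
            # The port is opened on every node, whether or not it hosts a backend pod.
            found += [f"nodeport:{p['nodePort']}" for p in spec.get("ports", []) if "nodePort" in p]
    for obj in (o for o in items if o["kind"] == "Ingress"):
        ns = obj["metadata"]["namespace"]  # Ingress backends live in the same namespace
        tls_hosts = {h for t in obj["spec"].get("tls", []) for h in t.get("hosts", [])}
        for rule in obj["spec"].get("rules", []):
            host = rule.get("host", "*")
            scheme = "https" if host in tls_hosts else "http"
            for p in rule.get("http", {}).get("paths", []):
                svc = p.get("backend", {}).get("service")
                if svc:  # a ClusterIP Service becomes reachable through the controller
                    paths.setdefault(f"{ns}/{svc['name']}", []).append(
                        f"ingress:{scheme}://{host}{p.get('path', '/')}")
    return paths

if __name__ == "__main__":
    print(json.dumps(external_exposure(SAMPLE["items"]), indent=2))
```

An empty list means no NodePort, LoadBalancer, or Ingress rule leads to that Service, which is the expected result for internal-only backends such as the database in the sample.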
Final Thoughts
Choosing the right service type depends on how and where your app needs to be accessed:
Internal microservice? → ClusterIP
Quick dev demo? → NodePort
Cloud-native exposure? → LoadBalancer
Production-ready web traffic with routing? → Ingress