Kubernetes has a lot of features and deployment options for running containers. One of these is the Service. In this blog post, we’ll discuss what Services are, what they can be used for, and how to create them.
What is a Service?
A Kubernetes Service groups a set of pods together and makes them accessible through the DNS name of the Service. This is useful because pods can be created and destroyed constantly, and without a Service to make these pods accessible as a network service, you would need to implement a network discovery service to make calls between pods.
Luckily, Kubernetes makes it really easy to define a Service. All you need is some way to select the pods that belong to your Service.
How to Create a Service
Like everything else in Kubernetes, Services can be configured using a YAML manifest:
- protocol: TCP
The YAML file consists of the following parts:
kind- should be Service
metadata.name - the name of the service. This will be the DNS name of the Service when it is created.
spec.selector - what pods should be included in the Service. In this case, any pod with the label app=user will be added to the service.
spec.ports - a list of port configurations. Each port configuration consists of the following pieces:
protocol - the network protocol to use with the port
port - the port that incoming traffic goes to
targetPort - the port on the pod that traffic should be sent to
Once you’ve got the configuration complete, create the Service in your cluster by doing the following:
kubectl apply -f service.yaml
To check that your service is running, you can execute the following command:
kubectl get services
You should see your new service in the list of services returned by this command. You can now access your pods using the service. In this example, the traffic for the user service might look like this in your cluster:
Communicating with a Service
Of course, the whole purpose of creating a Service is to make it possible to access a network service without having to know the pods it is running on. If you’re running Kubernetes 1.11 or higher, your cluster will automatically have CoreDNS installed, which will allow you to access your service by using the service’s name. Otherwise, you’ll have to install CoreDNS or kube-dns as an addon.
At this point, your service is all set, and you’ll be able to access in other parts of your application!
Types of Services
There are four types of Services that are defined by how they expose the service outside the cluster. The service type is set by using one of the following values for spec.type:
ClusterIP (default) - The service is not exposed outside the cluster, but can be addressed from within the cluster.
NodePort - The service is exposed on a port on every node in the cluster. The service can then be accessed externally at <node_ip>:<node_port>. When using NodePort services you must make sure that the selected port is not already opened on your nodes.
LoadBalancer - The service is exposed as a load balancer in the cluster. LoadBalancer services will create an internal Kubernetes Service that is connected to a Load Balancer provided by your cloud provider (AWS, GCP, or Azure). This will create a publicly addressable set of IP addresses and a DNS name that can be used to access your cluster from an external source.
ExternalName - The service is mapped to a DNS name, not to a typical selector such as my-service or cassandra. You specify the CNAME with the spec.externalName parameter.
Services make it really easy to create network services in Kubernetes. Each service can be backed with as many pods as needed without having to make your code aware of how each Service is backed.
However, it can be hard to monitor Kubernetes with traditional tools. If you are looking for a monitoring solution, consider Blue Matador. Blue Matador automatically checks for over 25 Kubernetes events out-of-the-box. We also monitor over 20 AWS services in conjunction with Kubernetes, providing full coverage for your entire production environment with no alert configuration or tuning required.
Watch how Blue Matador has helped Canopy Tax monitor their AWS and Kubernetes infrastructure.