Services

Network Model

The cluster (nodes and pods) is one big flat IP network:

  • all nodes must be able to reach each other, without NAT
  • all pods must be able to reach each other, without NAT
  • pods and nodes must be able to reach each other, without NAT
  • each pod is aware of its IP address (no NAT)

Service Types

Concept Description Diagram
ClusterIP
  • Service that creates a virtual IP within the cluster to enable different services within the cluster to talk to each other
    • the service is allocated an internal IP that other components can use to access the pods
    • this IP address is reachable only from within the cluster (nodes and pods)
    • when this service gets created, other applications within the cluster can access the service through the service IP or service name
  • Target ports allow separating the port the service is available on from the port the application is listening on
    • TargetPort = port which the application is configured to listen on
    • Port = how the application will be accessed from the outside
NodePort
  • Service that exposes a port on the Pod through a port on the node
    • exposes the service on each Node’s IP via the defined static port
    • no matter which Node within the cluster is accessed, the service will be reachable based on the port number defined
  • Types of ports
    • Port: port on the service itself (usually same as pod port)
    • TargetPort: port on the Pod (where your app listens). This is an optional parameter; if not present, Port is taken
    • NodePort: port on the node that is used to access the web server externally (default in the 30000-32768 range)
  • Code must be changed to connect to that new port number
LoadBalancer
  • An external load balancer is allocated for the service
  • The load balancer is configured accordingly
  • (e.g.: a NodePort service is created, and the load balancer sends traffic to that port)
ExternalName
  • The DNS entry managed by kube-dns will just be a CNAME to a provided record
  • No port, no IP address, nothing else is allocated
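
An exposure inventory built on the four service types above, added here as an example and not part of the original notes: it reads a service list, resolves the TargetPort fallback, and reports which services are reachable beyond the cluster. The sample data, the reach labels and the function names are constructed for illustration.

```python
import json

# Constructed sample, shaped like `kubectl get services -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "shop", "name": "db"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 5432}]}},
 {"metadata": {"namespace": "shop", "name": "web"},
  "spec": {"type": "NodePort",
           "ports": [{"port": 80, "targetPort": 8080, "nodePort": 30080}]}},
 {"metadata": {"namespace": "shop", "name": "api"},
  "spec": {"type": "LoadBalancer",
           "ports": [{"port": 443, "targetPort": 8443, "nodePort": 31443}]}},
 {"metadata": {"namespace": "shop", "name": "billing"},
  "spec": {"type": "ExternalName", "externalName": "billing.example.com"}}
]}
""")

# Reach labels are this example's own wording for the four types on the page.
REACH = {"ClusterIP": "cluster-internal", "NodePort": "every-node-ip",
         "LoadBalancer": "external-load-balancer", "ExternalName": "dns-cname-only"}

def port_map(entry):
    """Resolve one ports[] entry; targetPort falls back to port when omitted."""
    return {"port": entry["port"],
            "targetPort": entry.get("targetPort", entry["port"]),
            "nodePort": entry.get("nodePort")}  # None unless opened on the nodes

def audit(service_list):
    """Return one finding per Service: reach, resolved ports, node ports opened."""
    findings = []
    for svc in service_list["items"]:
        meta, spec = svc["metadata"], svc["spec"]
        svc_type = spec.get("type", "ClusterIP")  # ClusterIP is the default type
        ports = [port_map(p) for p in spec.get("ports", [])]
        findings.append({
            "service": f'{meta["namespace"]}/{meta["name"]}',
            "reach": REACH.get(svc_type, "unknown"),
            "ports": ports,
            "node_ports": [p["nodePort"] for p in ports if p["nodePort"]],
            "cname": spec.get("externalName"),
        })
    return findings

def outside_cluster(findings):
    """Names of Services reachable from beyond the cluster's pods and nodes."""
    return [f["service"] for f in findings
            if f["reach"] in ("every-node-ip", "external-load-balancer")]
```

The node_ports list is what a node-level firewall review needs: each entry is a port opened on every node in the cluster, including the one a LoadBalancer service forwards to.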