Welcome to the Linux Foundation Forum!

Lab 2.3: Confusion regarding NodePort service and Cluster IP

tianli
tianli Posts: 1
edited November 2020 in LFD259 Class Forum

Although I'm able to complete Lab 2.3 - "Create a basic Pod", I am a bit confused about how the NodePort service works. After creating a service of type "NodePort":

  • How come the "EXTERNAL-IP" Column of the service "basicservice" is "none", instead of the Node IP?
  • I could query the nginx app through both the master-node IP AND the worker-node IP. I thought the pod is assigned to one of the nodes, so how come it is accessible through the external IP of either node?
  • When people say "External Cluster IP", do they just mean one of the Node's IPs?

Comments

  • Hi @tianli,

    Services are covered in detail in Chapter 7, but before reaching that chapter I may be able to provide some clarification:

    • The EXTERNAL-IP property of the Service is not the Node IP, it is typically a Load Balancer's IP address, and it is populated for LoadBalancer type Services in Kubernetes clusters running as managed cloud services. We are running a self-managed cluster. If our node is configured to act as a Load Balancer, then its IP address may be assigned to EXTERNAL-IP. An example with additional details can be found here.
    • You are correct, the Pod is assigned to one of the Nodes, but reviewing the "Pod-to-Pod Communication" page of the course should answer your question as to why a Pod running on any Node is accessible from either Node of the cluster.
    • I am not sure, however, what is the "External Cluster IP" you are asking about. Did you find this in the course lectures or the lab exercises?

    Regards,
    -Chris

  • runnergeek
    runnergeek Posts: 1

    Hi Chris,

    I was able to figure out the difference between NodePort and ClusterIp service types. With NodePort I was able to curl from my local machine.

    What I don't see it is the benefits we get in step 8 by creating a ClusterIp type service instead of just what we had with the pod:
    "8. We will now create a simple service to expose the pod to other nodes and pods in the cluster."
    I was already running curl from a different node (the cp node) while the pod was in the worker node. Also the pod-to-pod communication allows "All nodes can communicate with all pods".

    So I don't see why I would need a ClusterIp type service, instead of just a Pod.

    Cheers.

  • chrispokorni
    chrispokorni Posts: 2,155

    Hi @runnergeek,

    I just had an interesting conversation with another student, and one of the topics was the same as your question:

    • Q: Why the need for a ClusterIP service if pods are assigned their own unique private IP addresses and can communicate with each other over the pod-to-pod network?
    • A: A pod is ephemeral, meaning that both the pod's name and pod's IP address may change several times during the lifecycle of a containerized application running in the pod. A permanent solution is a service exposing the pods of an application, offering a permanent access interface with a consistent name and a stable ClusterIP address that integrate with the cluster's internal DNS that helps to remove any discovery overhead and communication complexity between pods.

    Regards,
    -Chris

Categories

Upcoming Training