Describes Kubernetes services.

Use services to expose access to one or more mutually interchangeable pods. As pods can be replicated for rolling updates and for scalability, clients accessing an application must be directed to a pod running the correct application. Pods might also need access to applications outside of Kubernetes. In either case, you can define a service to make access to these resources transparent, even if the actual backend changes.

Typically, services consist of port and IP mappings. How services function in network space depends on the service type.

The default service type is ClusterIP, which exposes the service on the internal IP of the cluster, so that the service is reachable only from within the cluster. Use this service type to expose services for applications that need to access each other from within the cluster.

Often, clients outside of the Kubernetes cluster might need access to services within the cluster. Use the NodePort service type for this. This service type takes advantage of the Kube Proxy service that runs on every worker node and reroutes traffic to a ClusterIP, which is created automatically along with the NodePort service. The service is exposed on each node IP at a static port, called the NodePort. The Kube Proxy routes traffic destined to the NodePort into the cluster to be serviced by a pod running inside the cluster. This means that if a NodePort service is running in the cluster, it can be accessed from any node in the cluster, regardless of where the pod is running.

Building on top of these service types, the LoadBalancer service type can expose a service externally by using a cloud provider's load balancer. The external load balancer can handle redirecting traffic to pods directly in the cluster from the Kube Proxy. A NodePort service and a ClusterIP service are automatically created when a LoadBalancer service is provisioned.

For more information on services, see the upstream Kubernetes documentation.