Kubernetes – Cluster IP vs Node-Port
The ClusterIP provides a load-balanced IP address. One or more pods that match a label selector can forward traffic to the IP address. The ClusterIP service must define one or more ports to listen on with target ports to forward TCP/UDP traffic to containers.
- This is the default service type that exposes the service on a cluster-internal IP by making the service only reachable within the cluster.
- A ClusterIP service is the default Kubernetes service. It gives you a service inside your cluster that other apps inside your cluster can access.
- There is no external process.
When to use Cluster IP?
- There are a few scenarios where you would use the Kubernetes proxy to access your services:
  - Debugging your services, or connecting to them directly from your laptop for some reason
  - Allowing internal traffic, displaying internal dashboards, etc.
A NodePort service exposes the service on each Node’s IP at a static port. A ClusterIP service, to which the NodePort service will route, is automatically created. We can contact the NodePort service from outside the cluster.
- A NodePort service is the most primitive way to get external traffic directly to your service.
- NodePort, as the name implies, opens a specific port on all the Nodes (the VMs), and any traffic that is sent to this port is forwarded to the service.
When to use Node Port?
- There are many downsides to this method:
  - You can only have one service per port
  - You can only use ports 30,000-32,767
  - If your Node/VM IP address changes, you need to deal with that
- For these reasons, I don’t recommend using this method in production to directly expose your service. If you are running a service that doesn’t have to be always available, or you are very cost-sensitive, this method will work for you. A good example of such an application is a demo app or something temporary.
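The NodePort constraints listed above can be checked before anything is deployed. The following is an added example, not code from the original page: a small audit that lists every port a NodePort service opens on all nodes and flags collisions and out-of-range values. The service names, namespaces and the `audit_services` helper are assumptions made for illustration, and the sample input is constructed.

```python
import json

# NodePort range cited on this page; a cluster can be configured with a different one.
NODEPORT_MIN, NODEPORT_MAX = 30000, 32767

# Constructed sample in the shape of `kubectl get svc -A -o json` (not real cluster output).
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "prod", "name": "api"},
   "spec": {"type": "ClusterIP", "selector": {"app": "api"},
            "ports": [{"port": 80, "targetPort": 8080, "protocol": "TCP"}]}},
  {"metadata": {"namespace": "demo", "name": "web"},
   "spec": {"type": "NodePort", "selector": {"app": "web"},
            "ports": [{"port": 80, "targetPort": 8080, "nodePort": 30080}]}},
  {"metadata": {"namespace": "demo", "name": "admin"},
   "spec": {"type": "NodePort", "selector": {"app": "admin"},
            "ports": [{"port": 443, "targetPort": 8443, "nodePort": 30080},
                      {"port": 9090, "targetPort": 9090, "nodePort": 8080}]}}
]}
""")


def audit_services(service_list):
    """Return (exposed, findings): node-level ports opened, and problems found."""
    exposed, findings, owner = [], [], {}
    for svc in service_list.get("items", []):
        spec = svc.get("spec", {})
        # Only type NodePort is examined; a missing type means the default, ClusterIP.
        if spec.get("type", "ClusterIP") != "NodePort":
            continue
        name = f'{svc["metadata"]["namespace"]}/{svc["metadata"]["name"]}'
        for p in spec.get("ports", []):
            node_port = p.get("nodePort")
            if node_port is None:  # no explicit value: assigned automatically on creation
                continue
            # Each entry means <any-node-ip>:nodePort is forwarded to the pod's targetPort.
            exposed.append((name, node_port, p.get("targetPort", p["port"])))
            if not NODEPORT_MIN <= node_port <= NODEPORT_MAX:
                findings.append(f"{name}: nodePort {node_port} outside {NODEPORT_MIN}-{NODEPORT_MAX}")
            if node_port in owner and owner[node_port] != name:
                findings.append(f"{name}: nodePort {node_port} already used by {owner[node_port]}")
            owner.setdefault(node_port, name)
    return exposed, findings


if __name__ == "__main__":
    exposed, findings = audit_services(SAMPLE)
    for line in [f"EXPOSED {n} :{np} -> {tp}" for n, np, tp in exposed] + findings:
        print(line)
```

The ClusterIP service in the sample produces no output because it is reachable only from inside the cluster; every `EXPOSED` line is a port that should be matched against node firewall or security-group rules.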