Getting Started with Kubernetes（Second Edition）

上QQ阅读APP看书，第一时间看更新

Services

Services allow us to abstract access away from the consumers of our applications. Using a reliable endpoint, users and other programs can access pods running on your cluster seamlessly.

K8s achieves this by making sure that every node in the cluster runs a proxy named kube-proxy. As the name suggests, the job of kube-proxy is to proxy communication from a service endpoint back to the corresponding pod that is running the actual application.

The kube-proxy architecture

Membership of the service load balancing pool is determined by the use of selectors and labels. Pods with matching labels are added to the list of candidates where the service forwards traffic. A virtual IP address and port are used as the entry points for the service, and the traffic is then forwarded to a random pod on a target port defined by either K8s or your definition file.

Updates to service definitions are monitored and coordinated from the K8s cluster master and propagated to the kube-proxy daemons running on each node.

At the moment, kube-proxy is running on the node host itself. There are plans to containerize this and the kubelet by default in the future.