How are ClusterIP, NodePort and LoadBalancer different from each other?

+7 votes
Different service types in kubernetes has always been confusing.

Can someone explain the concepts of clusterIP, NodePort and LoadBalancer?
Sep 7, 2018 in Kubernetes by Hannah
• 17,150 points
6,003 views

4 answers to this question.

+1 vote
Best answer

ClusterIP

ClusterIP accesses the services through proxy. ClusterIP can access services only inside the cluster.

Nodeport

NodePort opens a specific port on each node of the cluster and traffic on that node is forwarded directly to the service.

LoadBalancer

All the traffic on the port is forwarded to the service, there's no filtering , no routing.

Hopefully these diagrams will give you a better understanding.

answered Sep 10, 2018 by Nilesh
• 6,920 points

selected Sep 10, 2018 by Vardhan
What is Kubenetes Ingress used for?
hello @Anoop,
Ingress is not exactly a service, it just sits in front of muliple servers and act as smart router. Its an abstraction over layet 7 load balancers. Ingress provides layer7 load balancing, SSL termination and name based virtual hosting.
+2 votes

To understand the types of services first lets understand what are services

services are basically collection of different pods having same set of functions. These are the services that are accessed by the clients/users.

You already know there are 3 types of service types:

- ClusterIP

- NodePort

- LoadBalancer

Lets talk about them one by one

ClusterIP:

ClusterIP is the default kubernetes service. This service is created inside a cluster and can only be accessed by other pods in that cluster. So basically we use this type of service when we want to expose a service to other pods within the same cluster. 

This service is accessed using kubernetes proxy.                                                                                  

apiVersion: v1
kind: Service
metadata:  
  name: my-internal-service
spec:
  selector:    
    app: my-app
  type: ClusterIP
  ports:  
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP

Nodeport:

NodePort opens a specific port on your node/VM and when that port gets traffic, that traffic is forwarded directly to the service.

There are a few limitations and hence its not advised to use NodePort

- only one service per port

- You can only use ports 30000-32767

- Dealing with changing node/VM IP is difficult

apiVersion: v1
kind: Service
metadata:  
  name: my-nodeport-service
spec:
  selector:    
    app: my-app
  type: NodePort
  ports:  
  - name: http
    port: 80
    targetPort: 80
    nodePort: 30036
    protocol: TCP

LoadBalancer:

This is the standard way to expose service to the internet. All the traffic on the port is forwarded to the service. It's designed to assign an external IP to act as a load balancer for the service.  There's no filtering, no routing. LoadBalancer uses cloud service

Few limitations with LoadBalancer:

- every service exposed will it's own ip address 

- It gets very expensive 

answered Sep 7, 2018 by Kalgi
• 46,110 points
0 votes

A LoadBalancer service points to external load balancers and are not a part of cluster, they exist somewhere else.Google and AWS provide this facility

Whereas ingress is just set of rulesthat is passed to the controller that is listening to them. You need an ingress-controller that holds all the routing and traffic forwarding rules. Even a LoadBalancer service will listen to ingress provided the ingress-controller contains the required rules

answered Sep 11, 2018 by Anisha
0 votes
Suppose I have a kubernetes cluster which has 3 services running on different pods on different nodes having different IP addresses. Let these services be frontend, backend and database.

Since every service is deployed on different pods having different internal-IP addresses it gets difficult to access the services as a developer. Using the service type as ClusterIP, a Global IP called ClusterIP is assigned to that cluster which is alive till the cluster is alive. This global IP uses set of iptables’s rules that maps ClusterIP to all pod’s internal IP. Using this clusterIP, we can access all the services associated with that cluster. This service type can be used in these possible cases-allowing internal traffic, testing a service or debugging the services.

If I want a specific service, let’s say, frontend to be exposed on all the nodes/VMs, I use NodePort as my service type. So what NodePort does is, it opens a port on all the nodes that are part of the cluster and the service i.e. my frontend gets exposed/deployed directly on these ports.

Now suppose one of my node crashes or for some reason stops working, I need the service running on that crashed port to be accessed by another node. In such a case I use the service type LoadBalancer. As the name suggests it balances the load on the cluster. LoadBalancer usually uses cloud platform such as GCP to create a component inside the cluster using Network load Balancer that generates a single IP address that will forward all the traffic to the service.
answered Sep 11, 2018 by Mohit

Related Questions In Kubernetes

0 votes
1 answer

How to build Start vNext from Powershell and fetch artifacts

TFS 2015 comes with the new REST API, ...READ MORE

answered Oct 17, 2018 in Kubernetes by lina
• 8,160 points
95 views
0 votes
1 answer

how can i access two containers that are inside a pod from the browser with IP address?

Just do port forward. kubectl port-forward [nginx-pod-name] 80:80 kubectl ...READ MORE

answered Jul 18 in Kubernetes by Sirajul
• 41,000 points
63 views
0 votes
1 answer

How can I access a service installed on Kubernetes from anywhere?

I have followed the link which you have ...READ MORE

answered Jul 23, 2018 in Kubernetes by Atul
• 10,240 points
165 views
0 votes
1 answer
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17 in Others by anonymous
3,498 views
+3 votes
1 answer
0 votes
2 answers

Access Kubernetes api from within a pod container

wget version: KUBE_TOKEN=$(</var/run/secrets/kubernetes.io/serviceaccount/token) wget -vO- ...READ MORE

answered Aug 29, 2018 in Kubernetes by Nilesh
• 6,920 points
393 views
0 votes
2 answers

Error saying “Error from server (NotFound): the server could not find the requested resource”

official Documentation says: A client should be skewed ...READ MORE

answered Sep 19, 2018 in Kubernetes by Nilesh
• 6,920 points
1,317 views