This article provides an overview of the Kubernetes Design Model and Services, which are essential concepts for managing communication and network access within a Kubernetes cluster. The reader will learn about the Kubernetes Design Model and about the use of a K8s Service, which keeps communication between Pods working even when a Pod is killed and a new one is created in its place.
Kubernetes Design Model
For communication between Pods and containers within a node or between nodes, K8s defines a standard called the Kubernetes Design Model. This standard allows the use of add-ons suited to specific needs [1], or the creation of your own.
The Kubernetes Design Model imposes the following requirements on any implementation:
Pods on a node can communicate with all Pods without NAT;
Agents on a node (kubelet, system daemons) can communicate with all Pods on that node;
Every Pod gets its own IP address.
The K8s virtual network uses its own Domain Name System (DNS). DNS is an Internet protocol that finds the IP address of a machine (in K8s, a Pod) from the machine's (or Pod's) name [3]. This process is illustrated in Fig. 1.
Fig. 1 - Communication between Pods with K8s DNS
Pod "my-frontend" needs to make a request to "my-backend". "my-frontend" sends a query to the K8s DNS Service asking for the IP of Pod "my-backend". The DNS Service responds with the assigned IP 192.168.0.2. As soon as "my-frontend" receives the desired IP address, it can connect to "my-backend" and make the request. "my-backend" does not need to query the DNS Service for the IP address of "my-frontend", because that address arrives with the incoming connection.
Service
In K8s a Service is a method for making an application running in a Pod accessible on the network. By using a Service the application does not have to be aware of the networking details, making it easy to provide network capabilities both to new and to legacy applications. An example of a situation where a Service maintains communication between Pods is when a Pod is killed and a new one is instantiated in its place: the IP address changes. By connecting to the Pod through a Service, the Pods that use it do not have to be aware of the IP address change and keep communicating with the new Pod.
Fig. 2 - Service providing network access to Pods
Making a Pod reachable by other Pods and/or by services outside the cluster is done by creating the proper Service object type and associating it with the correct Pod.
The following Code Block shows a Service manifest file, which can be created in a K8s cluster with the usual kubectl command.
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: NodePort
  selector: # must match the Pod's .metadata.labels entries
    app.kubernetes.io/name: MyApp
  ports:
  - name: http
    protocol: TCP
    port: 80 # port on which this Service is reachable
    targetPort: 9376 # port on the Pod to which traffic is forwarded
Code Block 1 - Example of a NodePort Service manifest
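To make the selector and Pod-replacement behaviour concrete, the following Python simulation is an added example (not code from the article or from Kubernetes itself). It models a Service whose selector mirrors Code Block 1, a few Pods with constructed names, labels and IPs, and a client that keeps connecting through the Service while a backend Pod is killed and recreated with a new IP. It also runs two checks a reviewer would want on any Service manifest: a selector that matches no Pod, and a selector broad enough to pick up Pods of a different application.

```python
"""Simulation of how a Service selects Pods and why clients keep working
when a Pod is replaced with a new IP. Added example, not code from the
article or from Kubernetes; Pod names, labels and IPs are constructed
sample data, and the Service mirrors Code Block 1."""

from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Pod:
    name: str
    namespace: str
    ip: str
    labels: Dict[str, str] = field(default_factory=dict)


@dataclass
class Service:
    name: str
    namespace: str
    type: str
    selector: Dict[str, str]
    port: int         # port on which the Service is reachable
    target_port: int  # port on the Pod that traffic is forwarded to


def matches(selector: Dict[str, str], labels: Dict[str, str]) -> bool:
    """Equality-based selection: every selector key/value must appear in the
    Pod's .metadata.labels (extra Pod labels are ignored)."""
    return all(labels.get(key) == value for key, value in selector.items())


def endpoints(svc: Service, pods: List[Pod]) -> List[str]:
    """Endpoint IPs the Service forwards to. Only Pods in the Service's own
    namespace are candidates; a Service never selects across namespaces."""
    return sorted(p.ip for p in pods
                  if p.namespace == svc.namespace and matches(svc.selector, p.labels))


def resolve(svc: Service, pods: List[Pod]) -> Optional[str]:
    """Where a client that connects to <service>:<port> ends up:
    one of the endpoint IPs on targetPort, or None if there is no backend."""
    eps = endpoints(svc, pods)
    return f"{eps[0]}:{svc.target_port}" if eps else None


def selector_warnings(svc: Service, pods: List[Pod]) -> List[str]:
    """Two checks worth running on every Service manifest: a selector that
    matches no Pod (clients get connection failures) and a selector that
    picks up Pods of more than one application (traffic goes to the wrong place)."""
    selected = [p for p in pods
                if p.namespace == svc.namespace and matches(svc.selector, p.labels)]
    warnings = []
    if not selected:
        warnings.append(f"{svc.name}: selector matches no Pods")
    apps = {p.labels.get("app.kubernetes.io/name", "<unlabelled>") for p in selected}
    if len(apps) > 1:
        warnings.append(f"{svc.name}: selector spans several apps {sorted(apps)}")
    return warnings


def replace_pod(pods: List[Pod], old_name: str, new_name: str, new_ip: str) -> List[Pod]:
    """Model a Pod being killed and recreated: same labels, new name, new IP."""
    old = next(p for p in pods if p.name == old_name)
    rest = [p for p in pods if p.name != old_name]
    return rest + [Pod(new_name, old.namespace, new_ip, dict(old.labels))]


# Constructed sample cluster state (addresses and names are made up)
SERVICE = Service("my-service", "default", "NodePort",
                  {"app.kubernetes.io/name": "MyApp"}, port=80, target_port=9376)
PODS = [
    Pod("myapp-abc12", "default", "192.168.0.2", {"app.kubernetes.io/name": "MyApp", "tier": "web"}),
    Pod("other-xyz99", "default", "192.168.0.7", {"app.kubernetes.io/name": "Other", "tier": "web"}),
    Pod("myapp-copy", "staging", "10.0.5.9", {"app.kubernetes.io/name": "MyApp"}),  # other namespace
]


def demo() -> Tuple[Optional[str], Optional[str]]:
    """The client keeps using my-service; the backend IP changes underneath it."""
    before = resolve(SERVICE, PODS)
    after = resolve(SERVICE, replace_pod(PODS, "myapp-abc12", "myapp-def34", "192.168.0.5"))
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before Pod replacement:", before)
    print("after Pod replacement: ", after)
    # a hypothetical Service whose selector matches nothing
    print(selector_warnings(Service("broken", "default", "ClusterIP", {"app": "nope"}, 80, 8080), PODS))
```

The client never sees the Pod IP change: both before and after the replacement it connects to the same Service name and is forwarded to whichever Pod currently carries the matching labels. The "broad" check is the one to keep in mind when reusing a generic label such as tier: web in a selector.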
Naming conventions
In K8s, DNS runs as a Service in the kube-system namespace. Pods and Services are the only K8s objects that get DNS records [4].
A DNS name for a Pod follows a pattern. A Pod gets the name pod-ipv4-address.my-namespace.pod.cluster-domain.example.
For example, if a Pod in the default namespace has the IP address 172.17.0.3, and the domain name for your cluster is cluster.local, then the Pod has the DNS name 172-17-0-3.default.pod.cluster.local.
Any Pod exposed by a Service also has the following DNS name available: pod-ipv4-address.service-name.my-namespace.svc.cluster-domain.example.
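The naming patterns above can be both generated and parsed mechanically, which is useful when checking DNS query logs or policy rules against what a cluster should actually resolve. The Python below is an added example, not code from the article or from Kubernetes: it builds the two Pod names from the patterns, adds the Service's own record (service-name.my-namespace.svc.cluster-domain.example, which comes from the Kubernetes DNS specification rather than from the article), and parses a name back into its parts, rejecting names that do not fit the patterns or carry an invalid IPv4 address. The IPs and namespaces are constructed sample values, and cluster.local is assumed as the cluster domain.

```python
"""Generate and parse the cluster DNS names Kubernetes assigns to Pods and
Services. Added example, not from the article; sample IPs and namespaces are
constructed, and cluster.local is assumed as the cluster domain."""

import ipaddress
from typing import Dict, Optional


def _ip_label(pod_ip: str) -> str:
    # IPv4 only, as in the article's pattern; IPv4Address() rejects malformed input
    return str(ipaddress.IPv4Address(pod_ip)).replace(".", "-")


def pod_dns_name(pod_ip: str, namespace: str, cluster_domain: str = "cluster.local") -> str:
    """pod-ipv4-address.my-namespace.pod.cluster-domain.example"""
    return f"{_ip_label(pod_ip)}.{namespace}.pod.{cluster_domain}"


def pod_in_service_dns_name(pod_ip: str, service_name: str, namespace: str,
                            cluster_domain: str = "cluster.local") -> str:
    """pod-ipv4-address.service-name.my-namespace.svc.cluster-domain.example"""
    return f"{_ip_label(pod_ip)}.{service_name}.{namespace}.svc.{cluster_domain}"


def service_dns_name(service_name: str, namespace: str, cluster_domain: str = "cluster.local") -> str:
    """service-name.my-namespace.svc.cluster-domain.example: the stable name
    clients use (from the Kubernetes DNS specification, not the article)."""
    return f"{service_name}.{namespace}.svc.{cluster_domain}"


def parse_cluster_dns_name(name: str, cluster_domain: str = "cluster.local") -> Optional[Dict[str, str]]:
    """Inverse of the three generators. Returns the parts of a name that follows
    one of the patterns, or None for anything else (wrong domain, wrong shape,
    or an IP label that is not a valid IPv4 address)."""
    suffix = "." + cluster_domain
    if not name.endswith(suffix):
        return None
    labels = name[: -len(suffix)].split(".")
    try:
        if len(labels) == 3 and labels[2] == "pod":
            ip = str(ipaddress.IPv4Address(labels[0].replace("-", ".")))
            return {"kind": "pod", "ip": ip, "namespace": labels[1]}
        if len(labels) == 3 and labels[2] == "svc":
            return {"kind": "service", "service": labels[0], "namespace": labels[1]}
        if len(labels) == 4 and labels[3] == "svc":
            ip = str(ipaddress.IPv4Address(labels[0].replace("-", ".")))
            return {"kind": "pod-in-service", "ip": ip, "service": labels[1], "namespace": labels[2]}
    except ipaddress.AddressValueError:
        return None
    return None


if __name__ == "__main__":
    # constructed sample values
    print(pod_dns_name("172.17.0.3", "default"))
    print(pod_in_service_dns_name("192.168.0.2", "my-service", "default"))
    print(service_dns_name("my-backend", "default"))
    for queried in ("172-17-0-3.default.pod.cluster.local",
                    "my-backend.default.svc.cluster.local",
                    "999-1-1-1.default.pod.cluster.local",
                    "my-backend.default.svc.example.org"):
        print(queried, "->", parse_cluster_dns_name(queried))
```

The parser is the piece to reuse: fed the names from a DNS query log, it separates in-cluster lookups (and tells you which namespace and Service they target) from everything else, without needing cluster access.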
Service Types
To expose a Pod you have to consider four types of Services:
ClusterIP - makes the Pod reachable from inside the cluster
NodePort - makes the Pod reachable from outside the cluster
LoadBalancer - makes the Pod reachable from outside the cluster using a load balancer
ExternalName - maps the Pod to an external DNS name
References
[1] “Installing Addons,” Kubernetes, Oct. 02, 2023. https://kubernetes.io/docs/concepts/cluster-administration/addons/#networking-and-network-policy (accessed Dec. 26, 2023).
[2] “Cluster Networking,” Kubernetes. https://kubernetes.io/docs/concepts/cluster-administration/networking/
[3] Wikipedia Contributors, “Domain Name System,” Wikipedia, Aug. 09, 2019. https://en.wikipedia.org/wiki/Domain_Name_System (accessed Dec. 26, 2023).
[4] “DNS for Services and Pods,” Kubernetes, Nov. 23, 2023. https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ (accessed Dec. 27, 2023).
[5] “Network Policies,” Kubernetes, Aug. 23, 2023. https://kubernetes.io/docs/concepts/services-networking/network-policies/ (accessed Dec. 29, 2023).