Kubernetes Networking
In this third part of our series, we’ll explore how networking works in Kubernetes.
Networking Model
Kubernetes imposes these fundamental requirements on the networking implementation:
- All Pods can communicate with all other Pods without NAT
- All Nodes can communicate with all Pods without NAT
- The IP a Pod sees itself as is the same IP that others see it as
Pod-to-Pod Communication
Each Pod gets its own IP address. Communication between Pods in the same cluster happens directly.
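Because this model lets every Pod reach every other Pod, restricting traffic is left to NetworkPolicy objects. The manifests below are an added example, not part of the original article: a default-deny ingress policy for a namespace, plus one rule that re-allows traffic to the Pods labelled app: my-app on port 8080 (the label and targetPort used by the Service example later in this article). The policy names and the app: frontend client label are assumptions.

```yaml
# Added example, not from the original article.
# 1) Deny all inbound traffic to every Pod in the namespace this is applied to.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress        # hypothetical name
spec:
  podSelector: {}                   # empty selector = all Pods in the namespace
  policyTypes:
    - Ingress                       # no ingress rules listed, so nothing is allowed in
---
# 2) Re-allow only the traffic the application needs.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-my-app    # hypothetical name
spec:
  podSelector:
    matchLabels:
      app: my-app                   # same label the article's Service selects on
  policyTypes:
    - Ingress
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app: frontend         # hypothetical client label (same namespace)
      ports:
        - protocol: TCP
          port: 8080                # the Pod's port (the Service targetPort), not Service port 80
```

NetworkPolicy is only enforced when the CNI plugin implements it: Calico and Cilium do, while Flannel on its own does not, in which case the API server accepts the objects but they have no effect.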
CNI Plugins
Container Network Interface (CNI) plugins handle the networking:
- Flannel: Simple overlay network
- Calico: High-performance, BGP-based
- Cilium: eBPF-powered networking
- Weave: Easy to set up
Services
Services provide stable endpoints for Pods:
ClusterIP (Default)
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: ClusterIP
  selector:
    app: my-app
  ports:
    - port: 80
      targetPort: 8080
NodePort
Exposes the service on each Node’s IP at a static port.
LoadBalancer
Provisions an external load balancer (cloud-dependent).
Ingress
Ingress manages external access to services:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-service
                port:
                  number: 80
Next Steps
In Part 4, we’ll cover persistent storage and StatefulSets.