# Kubernetes

## API 

API server operates with a cluster through REST. How to communicate:\
\- kubectl\
\- dashboard (UI)\
\- curl (or similar)

## Networking

### Network policies

* by default all Pods can reach one another
* Network isolation can be configured to block traffic to pods by running pods in dedicated namespaces
* between namespaces by default there is no traffic, unless routing has been configured
* Network Policy can be used to block Egress as well as Ingress traffic. It works like a firewall

## DNS

* exposed services automatically register with the k8s internal DNS
* with services exposing themselves on dynamic ports, resolving service names can be challenging
* DNS service is included by default in k8s and this DNS is updated every time a new service is added

## Ingress

* give services externally-reachable URLs
* load balance traffic
* terminate SSL/TLS

You need Ingress controller

* nginx
* haproxy
* traefik
* kong
* contour