Kubernetes

API

The API server operates on the cluster through REST. Ways to communicate with it:

  • kubectl

  • dashboard (UI)

  • curl (or similar)

Networking

Network policies

  • by default all Pods can reach one another

  • Network isolation can be configured to block traffic to pods by running pods in dedicated namespaces

  • between namespaces by default there is no traffic, unless routing has been configured

  • Network Policy can be used to block Egress as well as Ingress traffic. It works like a firewall
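
Added example (not part of the original notes): a default-deny NetworkPolicy for one namespace, followed by a policy that re-opens only the traffic one workload needs, covering both Ingress and Egress. The namespaces `payments` and `frontend`, the label `app: api` and port 8080 are assumptions chosen for illustration.

```yaml
# Constructed example: all names, labels and ports below are assumptions.
# 1) Default deny: selects every Pod in the namespace and allows nothing.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: payments
spec:
  podSelector: {}            # empty selector = all Pods in this namespace
  policyTypes:
    - Ingress
    - Egress
---
# 2) Allow list for Pods labelled app=api: ingress only from the
#    "frontend" namespace on TCP 8080, egress only to cluster DNS.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: api-allow-frontend-and-dns
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: api
  policyTypes:
    - Ingress
    - Egress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: frontend   # label set automatically on namespaces
      ports:
        - protocol: TCP
          port: 8080
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system   # where the cluster DNS Pods usually run
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Policies are additive allow lists, and they are only enforced when the cluster's network plugin supports NetworkPolicy.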

DNS

  • exposed services automatically register with the k8s internal DNS

  • with services exposing themselves on dynamic ports, resolving service names can be challenging

  • DNS service is included by default in k8s and this DNS is updated every time a new service is added

Ingress

  • give services externally-reachable URLs

  • load balance traffic

  • terminate SSL/TLS

You need an Ingress controller:

  • nginx

  • haproxy

  • traefik

  • kong

  • contour
