> For the complete documentation index, see [llms.txt](https://amartyushov.gitbook.io/tech/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://amartyushov.gitbook.io/tech/platforms/kubernetes/service.md).

# Service

## [Services](https://kubernetes.io/docs/tutorials/kubernetes-basics/expose/expose-intro/)

[Docs](https://kubernetes.io/docs/concepts/services-networking/service/)

A Service in Kubernetes is an abstraction which defines a logical set of Pods and a policy by which to access them. Services enable a loose coupling between dependent Pods. Services are the abstraction that allow pods to die and replicate in Kubernetes without impacting your application.

The set of Pods targeted by a Service is usually determined by a *LabelSelector.*

Although each Pod has a unique IP address, those IPs are not exposed outside the cluster without a Service. **Services allow your applications to receive traffic**. Services can be exposed in different ways by specifying a `type` in the ServiceSpec:

* *ClusterIP* (default) - Exposes the Service on an internal IP in the cluster. This type makes the Service only reachable from within the cluster.
* *NodePort* - Exposes the Service on the same port of each selected Node in the cluster using NAT. Makes a Service accessible from outside the cluster using `<NodeIP>:<NodePort>`. Superset of ClusterIP.
* *LoadBalancer* - Creates an external load balancer in the current cloud (if supported) and assigns a fixed, external IP to the Service. Superset of NodePort.
* *ExternalName* - Maps the Service to the contents of the `externalName` field (e.g. `foo.bar.example.com`), by returning a `CNAME` record with its value. No proxying of any kind is set up. This type requires v1.7 or higher of `kube-dns`, or CoreDNS version 0.0.8 or higher.

<figure><img src="https://developer.ibm.com/developer/default/articles/kubernetes-networking-what-you-need-to-know/images/NodePort_LoadBalancer_Service.png" alt=""><figcaption></figcaption></figure>

```
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get svc
kubectl describe services/[service_name]

```

![](/files/-MkgAFvZHkSMPenxbaAR)

## K8s Service vs Istio Virtual Service

#### Kubernetes service

Kubernetes `service` manages a pod's networking. It specifies whether your pods are exposed internally (`ClusterIP`), externally (`NodePort` or `LoadBalancer`) or as a CNAME of other DNS entries (`externalName`).

As an example this `foo-service` will expose the pods with label `app: foo`. Any requests sent to the node on port `30007` will be forwarded to the pod on port `80`.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: foo-service
spec:
  type: NodePort
  selector:
    app: foo
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30007
```

#### Istio virtualservice

Istio `virtualservice` is **one level higher** than Kuberenetes `service`. It can be used to apply traffic routing, fault injection, retries and many other configurations to `services`.

As an example this `foo-retry-virtualservice` will retry 3 times with a timeout 2s each for failed requests to `foo`.

```yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: foo-retry-virtualservice
spec:
  hosts:
  - foo
  http:
  - route:
    - destination:
        host: foo
    retries:
      attempts: 3
      perTryTimeout: 2s
```

Another example of this `foo-delay-virtualservice` will apply a 0.5s delay to 0.1% of requests to `foo`.

```yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: foo-delay-virtualservice
spec:
  hosts:
  - foo
  http:
  - fault:
      delay:
        percentage:
          value: 0.1
        fixedDelay: 5s
    route:
    - destination:
        host: foo
```

#### Ref

<https://kubernetes.io/docs/concepts/services-networking/service/> <https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/> <https://istio.io/latest/docs/reference/config/networking/virtual-service/> <https://istio.io/latest/docs/concepts/traffic-management/#virtual-services>

## Service endpoint and endpoint slices

<figure><img src="/files/vJxCP5O0HwFXMG3iX8Ye" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://amartyushov.gitbook.io/tech/platforms/kubernetes/service.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.