Quick recap for network. Details can click the title link or check the official doc.

SVC

1. create

# target port: listening port inside container
# port: service internal port
# NodePort: expose external port
kubectl expose deployment nginx --name nginx-svc --port 8081 --target-port 80 --type [NodePort|ClusterIP]
# --dry-run=client -oyaml

2. curl

# on node
curl localhost:NodePort   # NodePort
curl NODE_IP:NodePort     # NodePort
curl SVC_IP:SVC_Port      # ClusterIP

# in other pod (ClusterIP)
curl SVC_NAME:SVC_Port
curl SVC_IP:SVC_Port

3. check

endpoints
- tells Kubernetes where to forward the traffic from the service.
port-forward
- Creating a network tunnel between your local machine and the Kubernetes cluster

# endpoints IP -> Pod IP
k get endpoints
# port-forward
kubectl port-forward TYPE/NAME LOCAL_PORT:REMOTE_PORT

Ingress

1. Yaml File

Notice: ingressClassName: if there is no ingressclass, create one first, if no IngressClass exists, the ingress resource will not be handled by any controller, and your routes won't work. Pls check official doc

spec:
  ingressClassName: nginx   # used for ingress controller
  rules:
  - host: "foo.bar.com"     # domain name
    http:
      paths:
      - pathType: Prefix
        path: "/bar"        # http://domain/path
        backend:
          service:
            name: service1  # svc
            port:
              number: 80    # svc port

2. Check

Pod IP -> endpoint IP -> ingress IP

# domain name should add into /etc/hosts file with the ingress IP
curl DOMAINNAME:SVC_PORT

NetworkPolicy

1. Fields

act on pods:
- namespace
- podSelector
type: ingress.from & egress.to
traffic flow source/destination pods
- namespaceSelector
- podSelector
- ports

and the yaml file here.

Notice:

Cross Node DNS should add the full name in Fully Qualified Domain Name (FQDN) format for a service: <service-name>.<namespace-name>.svc.cluster.local

more details check official doc

CKA Quick Check Points -- Network

Table of contents

SVC