7th Week :- Mastering Kubernetes Services: ReplicaSet, Deployment & Service Types Explained
Lav kushwahaπ What is a ReplicaSet?
π Definition:
A ReplicaSet (RS) is a Kubernetes controller that ensures a specific number of identical Pods are always running. If a pod crashes or gets deleted, the ReplicaSet automatically spins up a new one to maintain the declared replica count.
π Why is ReplicaSet Needed?
Ensures High Availability: If a pod crashes, RS recreates it instantly.
Scalability: You can scale apps by increasing replica counts.
Self-Healing: RS replaces failed or accidentally deleted pods automatically.
Foundation for Deployment: Used internally by Deployments to manage pods.
π YAML Example:
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: frontend-rs
spec:
replicas: 3
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
containers:
- name: nginx
image: nginx:1.21
ports:
- containerPort: 80
π§ͺ Real-World Use Case:
You're running a front-end app in production and want to ensure at least 3 instances (pods) are always available. If any fail, they should auto-recover without manual effort.
π» Commands:
kubectl apply -f replicaset.yaml # Create ReplicaSet
kubectl get replicaset # Check ReplicaSet status
kubectl scale rs frontend-rs --replicas=5 # Scale up to 5 pods
kubectl delete rs frontend-rs # Delete ReplicaSet
β οΈ Limitations:
No Version Control: You canβt do rolling updates.
Not Ideal for CI/CD: You need to manually delete and recreate ReplicaSets for updates.
No Rollback Support: You cannot rollback to previous versions.
π What is a Deployment?
π Definition:
A Deployment is a higher-level controller that manages ReplicaSets and provides capabilities like rolling updates, version tracking, and rollback. Itβs the most commonly used K8s object for managing stateless applications.
π Why Use Deployment?
β Declarative Updates: You define the desired state, and Kubernetes ensures it's met.
β Rolling Updates: Update pods incrementally with zero downtime.
β Rollback Support: Revert to a previous version easily.
β Scaling: Adjust replicas dynamically.
π YAML Example:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx-deployment
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.21
ports:
- containerPort: 80
π§ͺ Real-World Use Case:
You want to deploy an updated version of your backend API. Using a Deployment, you can roll out the update gradually. If anything goes wrong, roll back safely.
π» Commands:
kubectl apply -f deployment.yaml
kubectl get deployments
kubectl rollout status deployment/my-nginx-deployment
kubectl rollout history deployment/my-nginx-deployment
kubectl rollout undo deployment/my-nginx-deployment
kubectl scale deployment my-nginx-deployment --replicas=5
kubectl delete deployment my-nginx-deployment
β οΈ Limitations:
Not suitable for stateful apps that require stable identity (use StatefulSets instead).
Only supports stateless app patterns.
Needs a Service to expose pods to other apps or users.
π What is a Service in Kubernetes?
π Definition:
A Service is a Kubernetes abstraction that defines a logical set of pods and a policy by which to access them β usually via a stable IP address and DNS name.
π Why is Service Needed?
π Load Balancing: Automatically distributes traffic across pods.
π§ Stable Endpoint: Pods can die and restart, but the service IP remains the same.
π Accessibility: Expose apps internally or to the internet.
π Service Discovery: Other components can reach it via DNS (
my-service.default.svc.cluster.local).
π¦ Types of Services
| Type | Description |
| ClusterIP (default) | Accessible only within the cluster |
| NodePort | Exposes app on a static port on each node |
| LoadBalancer | Provides external IP using cloud provider's LB |
| ExternalName | Maps service to an external DNS name |
1οΈβ£ ClusterIP (Default)
π What it is:
The default service type. It gives an internal IP that is accessible only within the cluster.
β Use Cases:
Internal communication between microservices
Backend DB or API called by other services
π§ͺ YAML Example:
apiVersion: v1
kind: Service
metadata:
name: backend-service
spec:
selector:
app: backend
ports:
- protocol: TCP
port: 80 # Service port
targetPort: 8080 # Container port
π Access:
Other services/pods access it using:
http://backend-service
𧱠Diagram:
[frontend pod] ---> [backend-service: ClusterIP] ---> [backend pod]
β οΈ Limitations:
Cannot be accessed from outside the cluster
Use NodePort or Ingress if needed externally
2οΈβ£ NodePort
π What it is:
A NodePort service exposes the app on each worker nodeβs IP at a static port (30000β32767). You can then access the app via:
http://<NodeIP>:<NodePort>
β Use Cases:
Quick testing of services locally (e.g., Minikube)
Basic external access on self-hosted clusters
Demo/staging environments
π§ͺ YAML Example:
apiVersion: v1
kind: Service
metadata:
name: nodeport-service
spec:
type: NodePort
selector:
app: myapp
ports:
- port: 80
targetPort: 8080
nodePort: 30080
𧱠Diagram:
User Browser
β
http://<NodeIP>:30080
β
[NodePort Service] ---> [Pod]
β οΈ Limitations:
Static port range (30000-32767)
Exposes service on all nodes (even if the pod is running on just one)
No advanced traffic routing or SSL (use Ingress)
3οΈβ£ LoadBalancer
π What it is:
A LoadBalancer service creates an external load balancer (from your cloud provider), which routes traffic to your NodePort or ClusterIP services.
β Use Cases:
Publicly accessible services in production
Auto-scaled apps hosted on AWS, GCP, Azure, etc.
π©οΈ Cloud Providers Required:
Works only on:
AWS (Elastic Load Balancer)
GCP (Cloud Load Balancing)
Azure (Load Balancer)
Or use MetalLB for bare metal clusters
π§ͺ YAML Example:
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service
spec:
type: LoadBalancer
selector:
app: myapp
ports:
- port: 80
targetPort: 8080
𧱠Diagram:
User Browser
β
[Cloud Load Balancer (Public IP)]
β
[LoadBalancer Service] ---> [Pod(s)]
β οΈ Limitations:
Cloud-only
Provisioning time is higher
May incur cost (in production environments)
One LB per service = not scalable in large-scale setups (consider Ingress)β Summary Table
4οΈβ£ ExternalName
π What it is:
This service doesnβt route traffic but acts as a CNAME (DNS alias) for an external service.
β Use Cases:
Redirect Kubernetes traffic to external databases or APIs
Use familiar DNS names inside your cluster
π§ͺ YAML Example:
apiVersion: v1
kind: Service
metadata:
name: my-sql-service
spec:
type: ExternalName
externalName: mydb.example.com
π Usage:
Your app inside the cluster can access:
http://my-sql-service
Which internally maps to:
http://mydb.example.com
𧱠Diagram:
[pod] ---> [ExternalName service] --> [external DNS: mydb.example.com]
β οΈ Limitations:
DNS-based only; no ports or selectors
Cannot load balance or health check
π Summary Table of Service Types
| Type | Access Level | Traffic Origin | Real IP Handling | Load Balanced | External Access |
| ClusterIP | Internal only | Other cluster services | Internal IP | β (between pods) | β |
| NodePort | External on Node | Browser / External App | Node IP + Port | β | β (basic) |
| LoadBalancer | Public Internet | Userβs browser | Public IP | β (cloud) | β (prod-ready) |
| ExternalName | Internal DNS | Internal Pods | CNAME | β | β (DNS only) |
π§ Choosing the Right Service Type
| Scenario | Best Type |
| Microservice-to-microservice | ClusterIP |
| Dev/test external access | NodePort |
| Production public access | LoadBalancer |
| Connect to 3rd-party API | ExternalName |
| Component | Purpose | Can Scale | Can Update | Stable Access | Exposes to Users |
| ReplicaSet | Maintain pod count | β | β | β | β |
| Deployment | Manage ReplicaSet & version | β | β | β | β |
| Service | Expose pods to network | β | β | β | β (depends on type) |
Subscribe to my newsletter
Read articles from Lav kushwaha directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by