ClusterIP is the default Service type in Kubernetes, but it is not meant for external access.
Comparison with other mechanisms
| Method |
Layer |
External Access? |
Pros |
Cons |
Typical Use Case |
| ClusterIP |
L4 |
No |
Simple, lightweight, internal only |
Not accessible from outside the cluster |
Backend services, microservices talking to each other |
| NodePort |
L4 |
Yes |
Easy to setup, no extra resources |
Uses high ports (30000-32767), not ideal for production |
Testing, development |
| LoadBalancer |
L4 |
Yes |
Cloud provider managed LB, simple |
Expensive (one LB per service), limited routing |
Simple public services |
| Ingress |
L7 |
Yes |
Single entry point, smart routing, TLS |
Requires Ingress Controller |
Most production web apps |
So what is ClusterIP exactly ?
-
Purpose: Allows pods to communicate with each other inside the cluster.
-
It gets a virtual IP (ClusterIP) that is only reachable from within the Kubernetes cluster.
-
Other services/pods can reach it using the service name (e.g., http://my-api-service:80).
-
It does not open any ports to the outside world.
Example:
apiVersion: v1
kind: Service
metadata:
name: backend
spec:
type: ClusterIP # This is default, even if you don't specify
selector:
app: backend
ports:
- port: 80
targetPort: 8080
When to Use What
| Need |
Recommended Approach |
| Internal communication only |
ClusterIP |
| Quick external access (dev/test) |
NodePort |
| Simple external access on cloud |
LoadBalancer |
| Multiple apps, domains, paths, TLS |
Ingress (best choice) |
| Advanced routing, traffic management |
Ingress or Gateway API |
No comments:
Post a Comment