Summary: There are five types of Services: ClusterIP (default): Internal clients send requests to a stable internal IP address. NodePort: Clients send requests to the IP address of a node on one or more nodePort values that are specified by the Service. LoadBalancer: Clients send requests to the IP address of a network load balancer. ExternalName: Internal clients use the DNS name of a Service as an alias for an external DNS name. Headless: You can use a headless service when you want a Pod grouping, but don't need a stable IP address. The NodePort type is an extension of the ClusterIP type. So a Service of type NodePort has a cluster IP address. The LoadBalancer type is an extension of the NodePort type. So a Service of type LoadBalancer has a cluster IP address and one or more nodePort values.

通过图像说明

Details ClusterIP ClusterIP is the default and most common service type. Kubernetes will assign a cluster-internal IP address to ClusterIP service. This makes the service only reachable within the cluster. You cannot make requests to service (pods) from outside the cluster. You can optionally set cluster IP in the service definition file. Use Cases Inter-service communication within the cluster. For example, communication between the front-end and back-end components of your app. NodePort NodePort service is an extension of ClusterIP service. A ClusterIP Service, to which the NodePort Service routes, is automatically created. It exposes the service outside of the cluster by adding a cluster-wide port on top of ClusterIP. NodePort exposes the service on each Node’s IP at a static port (the NodePort). Each node proxies that port into your Service. So, external traffic has access to fixed port on each Node. It means any request to your cluster on that port gets forwarded to the service. You can contact the NodePort Service, from outside the cluster, by requesting :. Node port must be in the range of 30000–32767. Manually allocating a port to the service is optional. If it is undefined, Kubernetes will automatically assign one. If you are going to choose node port explicitly, ensure that the port was not already used by another service. Use Cases When you want to enable external connectivity to your service. Using a NodePort gives you the freedom to set up your own load balancing solution, to configure environments that are not fully supported by Kubernetes, or even to expose one or more nodes’ IPs directly. Prefer to place a load balancer above your nodes to avoid node failure. LoadBalancer LoadBalancer service is an extension of NodePort service. NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created. It integrates NodePort with cloud-based load balancers. It exposes the Service externally using a cloud provider’s load balancer. Each cloud provider (AWS, Azure, GCP, etc) has its own native load balancer implementation. The cloud provider will create a load balancer, which then automatically routes requests to your Kubernetes Service. Traffic from the external load balancer is directed at the backend Pods. The cloud provider decides how it is load balanced. The actual creation of the load balancer happens asynchronously. Every time you want to expose a service to the outside world, you have to create a new LoadBalancer and get an IP address. Use Cases When you are using a cloud provider to host your Kubernetes cluster. ExternalName Services of type ExternalName map a Service to a DNS name, not to a typical selector such as my-service. You specify these Services with the spec.externalName parameter. It maps the Service to the contents of the externalName field (e.g. foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is established. Use Cases This is commonly used to create a service within Kubernetes to represent an external datastore like a database that runs externally to Kubernetes. You can use that ExternalName service (as a local service) when Pods from one namespace talk to a service in another namespace.

实际的理解。

我已经为NodePort和ClusterIP创建了2个服务

如果我想访问集群内的服务(从主节点或任何工作节点)，那么两者都是可访问的。

现在，如果我想从集群外部访问服务，那么只能访问Nodeport，不能访问ClusterIP。

在这里你可以看到localhost不会监听端口80，即使我的nginx容器监听端口80。

是的，这是唯一的区别。

ClusterIP。公开只能从集群内部访问的服务。 NodePort。通过每个节点IP上的静态端口公开服务。 loadbalance。通过云提供商的负载平衡器公开服务。 ExternalName。通过返回CNAME记录的值，将服务映射到预定义的externalName字段。

实际使用案例

假设您必须在集群中创建以下架构。我想这很常见。

现在，用户只会在某个端口上与前端通信。后端和DB服务始终对外部世界隐藏。

为了在更简单的层面上为那些正在寻找这三者之间的区别的人澄清。您可以使用最小的ClusterIp(在k8s集群内)公开您的服务，也可以使用NodePort(在k8s集群外部的集群内)或LoadBalancer(外部世界或您在LB中定义的任何东西)公开您的服务。

ClusterIp暴露< NodePort暴露< LoadBalancer暴露

ClusterIp 通过ip/name:port的k8s集群公开服务 NodePort 通过内部网络虚拟机的外部k8s ip/name:port公开服务 loadbalance 通过外部世界或您在LB中定义的任何方式公开服务。

Summary: There are five types of Services: ClusterIP (default): Internal clients send requests to a stable internal IP address. NodePort: Clients send requests to the IP address of a node on one or more nodePort values that are specified by the Service. LoadBalancer: Clients send requests to the IP address of a network load balancer. ExternalName: Internal clients use the DNS name of a Service as an alias for an external DNS name. Headless: You can use a headless service when you want a Pod grouping, but don't need a stable IP address. The NodePort type is an extension of the ClusterIP type. So a Service of type NodePort has a cluster IP address. The LoadBalancer type is an extension of the NodePort type. So a Service of type LoadBalancer has a cluster IP address and one or more nodePort values.

通过图像说明

Details ClusterIP ClusterIP is the default and most common service type. Kubernetes will assign a cluster-internal IP address to ClusterIP service. This makes the service only reachable within the cluster. You cannot make requests to service (pods) from outside the cluster. You can optionally set cluster IP in the service definition file. Use Cases Inter-service communication within the cluster. For example, communication between the front-end and back-end components of your app. NodePort NodePort service is an extension of ClusterIP service. A ClusterIP Service, to which the NodePort Service routes, is automatically created. It exposes the service outside of the cluster by adding a cluster-wide port on top of ClusterIP. NodePort exposes the service on each Node’s IP at a static port (the NodePort). Each node proxies that port into your Service. So, external traffic has access to fixed port on each Node. It means any request to your cluster on that port gets forwarded to the service. You can contact the NodePort Service, from outside the cluster, by requesting :. Node port must be in the range of 30000–32767. Manually allocating a port to the service is optional. If it is undefined, Kubernetes will automatically assign one. If you are going to choose node port explicitly, ensure that the port was not already used by another service. Use Cases When you want to enable external connectivity to your service. Using a NodePort gives you the freedom to set up your own load balancing solution, to configure environments that are not fully supported by Kubernetes, or even to expose one or more nodes’ IPs directly. Prefer to place a load balancer above your nodes to avoid node failure. LoadBalancer LoadBalancer service is an extension of NodePort service. NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created. It integrates NodePort with cloud-based load balancers. It exposes the Service externally using a cloud provider’s load balancer. Each cloud provider (AWS, Azure, GCP, etc) has its own native load balancer implementation. The cloud provider will create a load balancer, which then automatically routes requests to your Kubernetes Service. Traffic from the external load balancer is directed at the backend Pods. The cloud provider decides how it is load balanced. The actual creation of the load balancer happens asynchronously. Every time you want to expose a service to the outside world, you have to create a new LoadBalancer and get an IP address. Use Cases When you are using a cloud provider to host your Kubernetes cluster. ExternalName Services of type ExternalName map a Service to a DNS name, not to a typical selector such as my-service. You specify these Services with the spec.externalName parameter. It maps the Service to the contents of the externalName field (e.g. foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is established. Use Cases This is commonly used to create a service within Kubernetes to represent an external datastore like a database that runs externally to Kubernetes. You can use that ExternalName service (as a local service) when Pods from one namespace talk to a service in another namespace.

ClusterIP公开了以下内容:

spec.clusterIp: spec.ports [*] .port

您只能在集群内访问此服务。可以从它的spec.clusterIp端口访问它。如果使用spec.ports[*]. xml文件。targetPort被设置，它将从端口路由到targetPort。调用kubectl get services时得到的cluster -IP是在集群内部分配给该服务的IP。

NodePort公开了以下内容:

< NodeIP >: spec.ports [*] .nodePort spec.clusterIp: spec.ports [*] .port

如果您从节点的外部IP访问nodePort上的这个服务，它将把请求路由到spec.clusterIp:spec.ports[*]。端口，这将反过来路由到您的spec.ports[*]。如果设置了targetPort。该服务的访问方式与ClusterIP相同。

nodeip是节点的外部IP地址。您无法从spec.clusterIp:spec.ports[*]. nodeport访问您的服务。

LoadBalancer公开以下内容:

spec.loadBalancerIp: spec.ports [*] .port < NodeIP >: spec.ports [*] .nodePort spec.clusterIp: spec.ports [*] .port

您可以从负载均衡器的IP地址访问此服务，该IP地址将请求路由到nodePort, nodePort又将请求路由到clusterIP端口。您可以像访问NodePort或ClusterIP服务一样访问这个服务。

来源:

Kubernetes在行动 Kubernetes。io服务 Kubernetes Services简单直观地解释了