Kubernetes Networking

Services, Ingress, Network Policies, DNS, and CNI (Container Network Interface) plugins

What is Kubernetes Networking ?

Kubernetes networking enables seamless communication between different parts of a cluster, including Nodes, Pods, and Services. This ensures that your applications can interact efficiently, whether they’re within the same cluster or communicating with external services.

Below are the 3 Kubernetes networks

1. Pod-to-Pod communications
2. Pod-to-Service communications
3. External-to-Service communications

Service

Expose an application running in your cluster behind a single outward-facing endpoint, even when the workload is split across multiple backends.

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app.kubernetes.io/name: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376        

Applying this manifest creates a new Service named "my-service" with the default ClusterIP. The Service targets TCP port 9376 on any Pod with the app.kubernetes.io/name: MyApp label.

Ingress

Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource.

Here is a simple example where an Ingress sends all its traffic to one Service:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minimal-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx-example
  rules:
  - http:
      paths:
      - path: /testpath
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 80        

Network Policies

If you want to control traffic flow at the IP address or port level (OSI layer 3 or 4), Network Policies allow you to specify rules for traffic flow within your cluster, and also between Pods and the outside world. Your cluster must use a network plugin that supports Network Policy enforcement.

DNS for Services and Pods

Kubernetes creates DNS records for Services and Pods. You can contact Services with consistent DNS names instead of IP addresses.

Kubernetes publishes information about Pods and Services which is used to program DNS. Kubelet configures Pods' DNS so that running containers can lookup Services by name rather than IP.

CNI (Container Network Interface) plugins

Container Network Interface (CNI) plugins are essential for managing network connectivity in Kubernetes clusters. They provide a standardized way to configure network interfaces for containers and ensure consistent networking across all pods.

• Container Network Interface(CNI) is a specification and library for configuring network interfaces in Linux containers. In Kubernetes, CNI is the standard way to provide networking to pods.
• The main purpose of CNI is to allow different networking plugins to be used with container runtimes.