Kubernetes: Service Proxy

Ok great! Now that we have established that all requests for all clients in some form or the other hits ClusterIP, we just need to understand how the request finally get routed to the appropriate pod. In the above diagram, which one of those three green dots gets the request?

Perhaps there is one another burning question one might ask is “Why do you even need this? Why don’t we simply go round robin from ClusterIP (from iptables for example) to pods directly?” Kubernetes justifies it here.

Every node in the Kubernetes cluster run a container called kube-proxy.kube-proxy is a container that is responsible to provide proxy service to all your service requests. What we need to do here is just help kube-proxy send the requests to the right pod by setting some settings when spinning up our services. These settings are distinguished by the type of proxy mode kube-proxy is running under.

1. User space proxy mode
2. iptables proxy mode
3. IPVS proxy mode

To understand which proxy mode to use over the other I found this blog very helpful.