CODEWITHSUNDEEP
kubernetes
Fei
Fei

Reputation: 495

What's the purpose of the default Kubernetes service?

When you run: kubectl get svc -n default, you will have a Kubernetes service with Type as ClusterIP already there.

What is the purpose of this service? Are there some references?

I'm running in Minikube:

kubectl describe svc/kubernetes

Output:

Name:              kubernetes
Namespace:         default
Labels:            component=apiserver
               provider=kubernetes
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP:                10.0.0.1
Port:              https  443/TCP
TargetPort:        8443/TCP
Endpoints:         10.0.2.15:8443
Session Affinity:  ClientIP
Events:            <none>

And:

kubectl cluster-info

Output:

Kubernetes master is running at https://192.168.99.100:8443

Upvotes: 28

Views: 15119

Answers (3)

Karthik Venkateswaran
Karthik Venkateswaran

Reputation: 416

As far as I know, the Kubernetes service in the default namespace is a service which forwards requests to the Kubernetes master (typically Kubernetes API server).

So all the requests to the kubernetes.default service from the cluster will be routed to the configured endpoint IP address. In this scenario its Kubernetes master IP address.

For example:

Let’s check out the output of kubectl describe svc kubernetes and look at the the endpoint IP address.

Enter image description here

Now let’s check our cluster information:

kubectl cluster-info

Enter image description here

Please note that the Kubernetes master is running at the same IP address as the endpoint's IP address of the kubernetes.default service.

Upvotes: 21

ash
ash

Reputation: 1

So this Kubernetes service by default uses the kupe-apiserver pod in the backend. If this goes down, we'll not be able to communicate with master, and kubectl commands won’t work.

Upvotes: -2

mdaniel
mdaniel

Reputation: 33203

It is so that every Pod within your cluster can make API requests of the Kubernetes master without having to hard-code the API URL therein. Your ~/.kube/config may very well have the "external" address of your Kubernetes master, but it makes very little sense for API traffic to leave the cluster and then re-enter the cluster for a Pod that could be co-located on the same Node. Pods are able to use the Service Account credentials injected by kubernetes, unless that Service Account feature is disabled per-Pod.

Your application is free to make use of that functionality, too, if it wishes -- for example -- to discover any annotations on its Pod, or how many other replicas there are in its Deployment, and so forth.

I guess the tl;dr is that for 90% of the Pods it doesn't matter, and for the remaining 10% it is super convenient.

Upvotes: 8

Related Questions