As a leading, open-source multi-cluster orchestration platform, Rancher lets operations teams deploy, manage and secure enterprise Kubernetes. Rancher also gives users a set of CNI options to choose from, including open-source Project Calico. Calico provides native Layer 3 routing capability for Kubernetes pods which simplifies the networking architecture, increases networking performance and provides a rich network policy model that makes it easy to lock down communication so the only traffic that flows is the traffic you want to flow.
Services are one of the key Kubernetes primitives you need to understand to glue microservices together and expose your applications outside of the cluster. The Service resource provides an abstract way to expose an application running on a set of pods as a network service.
Calico provides a range of options for accessing services in a Rancher cluster depending on your needs and the specific cluster environment. For example, you may need to limit access to specific external clients, or you may be running workloads that are latency-sensitive. Understanding how services work in your cluster and the many services options available to you can help you determine the best approach to addressing your specific use cases. Working through this process will raise questions, such as:
- What’s the difference between a Cluster IP, Node Port, and Load Balancer service?
- How do all these abstractions translate to real under-the-covers networking behavior?
- What role does Calico play in services deployment?
Here is a short 7-minute video that explains all this and more!
In the video you’ll learn:
- How pods consume services within the cluster (Cluster IPs)
- The different ways a service can be consumed outside of the cluster (Node Ports, Load Balancers, and Service IP advertisement)
- What is External Traffic Policy and how does it impact a service?
- How Services and Network Policy interact
- How all this works under the covers in concrete networking terms
- What differences Calico’s native service handling capabilities bring to the picture compared to kube-proxy
If you enjoyed this video then you may also like:
- Everything you need to know about Kubernetes Ingress networking
- Everything you need to know about Kubernetes networking on AWS
- Everything you need to know about Kubernetes networking on Azure
- Everything you need to know about Kubernetes networking on Google Cloud
- Free online training at projectcalico.org/events or subscribe to Calico Essentials for personalized training & workshops
Free Online Training
Access Live and On-Demand Kubernetes Tutorials
Calico Enterprise – Free Trial
Solve Common Kubernetes Roadblocks and Advance Your Enterprise Adoption