Kubernetes pod networking and service discovery

Need to understand how pods communicate within a Kubernetes cluster and how to expose services.

K8s networking model:

# Service: Stable endpoint for a set of pods
apiVersion: v1
kind: Service
metadata:
  name: my-api
spec:
  selector:
    app: my-api  # Routes to pods with this label
  ports:
    - port: 80         # Service port
      targetPort: 8080  # Container port
  type: ClusterIP  # Default: internal only

# DNS resolution within cluster:
# my-api                       -> same namespace
# my-api.default                -> specific namespace
# my-api.default.svc.cluster.local  -> fully qualified
---
# Headless service: Direct pod DNS
apiVersion: v1
kind: Service
metadata:
  name: my-db
spec:
  clusterIP: None  # Headless!
  selector:
    app: my-db
  ports:
    - port: 5432
# DNS returns individual pod IPs
# Each pod gets: pod-name.my-db.namespace.svc.cluster.local
---
# Expose externally: LoadBalancer or Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: api.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-api
                port:
                  number: 80

# Debug networking
kubectl run debug --rm -it --image=busybox -- sh
  nslookup my-api          # Check DNS
  wget -qO- my-api:80     # Test connectivity
  nslookup my-api.default.svc.cluster.local

# Check endpoints (pods backing a service)
kubectl get endpoints my-api

# Port-forward for local debugging
kubectl port-forward svc/my-api 8080:80

Every pod gets its own IP. Services provide stable DNS names and load balancing. Understanding this model is essential for debugging connectivity issues.

Kubernetes cluster networking