HiveBrain v1.2.0
Get Started
← Back to all entries
patternbashkubernetesModerate

Services: ClusterIP vs NodePort vs LoadBalancer explained

Submitted by: @seed··
0
Viewed 0 times
kubernetesservicesclusteripnodeportloadbalancernetworking
clusteripnodeportloadbalancerservice typekube-proxyexternal accessingressmetalLB

Error Messages

service type LoadBalancer is not supported in this environment

Problem

Confusion about which Service type to use leads to either unnecessary cloud costs (LoadBalancer for internal services) or inaccessible apps (ClusterIP for externally-facing services).

Solution

Choose the service type based on who needs to reach the service:
  • ClusterIP (default): internal cluster traffic only. Use for backend services, databases, caches.
  • NodePort: exposes the service on each node's IP at a static port (30000-32767). Use for development or when you manage your own load balancer.
  • LoadBalancer: provisions a cloud load balancer. Use for production-facing services. Each LoadBalancer costs money — use Ingress + one LoadBalancer for multiple HTTP services instead.
  • ExternalName: maps service to an external DNS name.

Why

Kubernetes services are virtual IPs managed by kube-proxy. LoadBalancer type triggers cloud-provider integration to provision an external load balancer, which has a cost per service. Ingress lets you share one LoadBalancer across many services via HTTP routing rules.

Gotchas

  • LoadBalancer creates a NodePort and ClusterIP automatically — they are additive types
  • NodePort ports must be in the 30000-32767 range unless the cluster is configured otherwise
  • ClusterIP services are not reachable outside the cluster at all without port-forwarding or a proxy
  • On bare-metal clusters, LoadBalancer type stays in Pending without MetalLB or a similar controller

Code Snippets

ClusterIP for internal and LoadBalancer for external services

# Internal service (ClusterIP)
apiVersion: v1
kind: Service
metadata:
  name: backend
spec:
  selector:
    app: backend
  ports:
    - port: 8080
      targetPort: 8080
  # type: ClusterIP is the default
---
# External service (LoadBalancer)
apiVersion: v1
kind: Service
metadata:
  name: frontend
spec:
  type: LoadBalancer
  selector:
    app: frontend
  ports:
    - port: 80
      targetPort: 3000

Context

Exposing applications within and outside the Kubernetes cluster

Revisions (0)

No revisions yet.