In the last article, I introduced the concept of Service, which is primarily responsible for service discovery and load balancing within the cluster. For external access to the cluster, you can use either NodePort or LoadBalancer type Services.
Kubernetes will automatically bind the port number of the cluster nodes, allowing access to the Service via “<Node IP>:<Node Port>”, and thereby ultimately accessing the application Pods proxied by the Service.
However, in a microservices architecture, multiple applications typically need to be exposed for external access. If each application is accessed through a Service binding node port, it can complicate node port management and pose security risks.
Additionally, Services provide network access via IP addresses and ports, which is a form of Layer 4 load balancing. In real-world development projects, applications are more often accessed via URLs, which requires Layer 7 load balancing.
To address the limitations of Services in handling external access requests to the cluster, Kubernetes provides the Ingress resource object. Ingress is a Layer 7 load balancer that can implement advanced routing strategies, thereby more efficiently managing external traffic to the cluster.