K
Q

If I have a public load balancer, how does direct service-to-service communication get load balanced?

10/10/2018
                                  |--> service1:8081 --> pod1-a, pod1-b, pod1-c
   UI -> load balancer -> ingress (mydomain.com)
                                  |--> service2:8082 --> pod2-a, pod2-b, pod2-c

So from service1, I could call service2 directly with http://service2:8082, but since this is not being done through the UI -> load balancer, how does this get load balanced? Should I not call service2 directly, and call it through mydomain.com/service2 instead so it would have to go through the flow?

-- atkayla
kubernetes
kubernetes-ingress

Similar Questions

How to enable Kubernetes api server instances to connect to external networks via a proxy
Granting a Kubernetes Service Account permissions for Secrets?
eks calico allow inbound from aws classic elb to pod
Kubernetes Kubeconfig for admin credentials generated by Kops
setting up kubernetes cluster and running a database
Google Cloud - Error Reporting Client Libraries

2 Answers

10/10/2018

If you are by-passing the ingress, meaning directly calling http://service2:8082 from service1, Kubernetes would pick a random backend based on the default Proxy-mode: iptables.

You can tweak this a bit more if you are using something like ipvs. For example, set up round robin.

You can also use the old Proxy-mode: userspace if you'd like round robin only.

All these options are configurable using the -proxy-mode ProxyMode flag on the kube-proxy.

-- Rico
Source: StackOverflow
10/10/2018

Invoking a service from another service will hit the iptable routes on the node and pick service endpoint to route traffic to. This will be faster.

If you call it through mydomain.com/service2, then the flow passes through additional L7 ingress and will be comparatively slow.

-- techuser soma
Source: StackOverflow