K
Q

Kubernetes LoadBalancer best practise: avoid NodePort?

12/17/2018

We are trying to find and implement best practises for Kubernetes and LoadBalancer typed services.

We found an entry that an open NodePort is a bad-practise if you use a LoadBalancer. Kubernetes now always creates a NodePort too, when we use type: LoadBalancer

service: type: LoadBalancer port: 30111

I cannot find a hint in the documentation why this happens, if this is normal or how to avoid a NodePort here.

What's the reason Kubernetes always creates a NodePort too?

-- Ben
kubernetes

Similar Questions

Use of Labels in Kubernetes deployments
pod not restarting automatically when crashing after reaching memory limit
How to use existing AWS internal load balancer for exposing multiple Kubernetes services
How to upload the Airflow dags(workflows) without going through kubectl?
Unexpected Public IP used for egress from AKS
How to execute mongodb commands inside the bash script
Dask Helm Chart - How to create Dask-CUDA-Worker nodes
Add custom tag in dynamically provisioned EBS using aws-ebs-csi-driver
fluentbit get container_name from log file name to use as a custom field

1 Answer

12/17/2018

It's a normal behavior.
From documentation:

LoadBalancer: Exposes the service externally using a cloud provider’s load balancer. NodePort and ClusterIP services, to which the external load balancer will route, are automatically created.

The problem configuring an external load balancer and a NodePort service type, is that you would be balancing requests between the nodes twice: one time at the external load balancer and another time at svc Kubernetes level.

As far as I know, using the LoadBalancer service type Kubernetes avoids doing this and at least in EKS uses the NodePort service for health check purposes (target groups).

-- aespejel
Source: StackOverflow