Kubernetes LoadBalancer best practise: avoid NodePort?

12/17/2018

We are trying to find and implement best practises for Kubernetes and LoadBalancer typed services.

We found an entry that an open NodePort is a bad-practise if you use a LoadBalancer. Kubernetes now always creates a NodePort too, when we use type: LoadBalancer

service: type: LoadBalancer port: 30111

I cannot find a hint in the documentation why this happens, if this is normal or how to avoid a NodePort here.

What's the reason Kubernetes always creates a NodePort too?

-- Ben
kubernetes

1 Answer

12/17/2018

It's a normal behavior.
From documentation:

LoadBalancer: Exposes the service externally using a cloud provider’s load balancer. NodePort and ClusterIP services, to which the external load balancer will route, are automatically created.

The problem configuring an external load balancer and a NodePort service type, is that you would be balancing requests between the nodes twice: one time at the external load balancer and another time at svc Kubernetes level.

As far as I know, using the LoadBalancer service type Kubernetes avoids doing this and at least in EKS uses the NodePort service for health check purposes (target groups).

-- aespejel
Source: StackOverflow