Understanding Native Kubernetes Objects for Service‑to‑Service Communication: ClusterIP, CoreDNS, and Kube‑proxy

Deep dive into three native Kubernetes objects that enable service‑to‑service communication: ClusterIP Service, DNS (CoreDNS), and Kube‑proxy.

Traditional Service‑to‑Service Communication

Before Kubernetes, services communicated via static IP addresses or DNS name resolution, which works only for a few services.

Kubernetes Network Model

Kubernetes clusters consist of a control plane and worker nodes that host Pods, each running a containerized micro‑service.

According to the Kubernetes network model:

Each Pod receives a unique cluster‑wide IP address.

All Pods can communicate with every other Pod.

Communication occurs without NAT, preserving source IPs; the network is considered trusted.

ClusterIP Service – Pod‑Level Abstraction

Although each Pod has its own IP, Pods are ephemeral; their IPs change on recreation, making direct Pod‑to‑Pod calls fragile.

Kubernetes introduces a stable virtual IP (ClusterIP) that fronts a set of Pods and provides basic load‑balancing.

Clients talk to the ClusterIP address instead of individual Pods.

牛逼啊！接私活必备的 N 个开源项目！赶快收藏

The ClusterIP service uses label selectors to match Pods and can split traffic between different versions of a micro‑service.

CoreDNS – In‑Cluster Service Discovery

Clients need to resolve the Service name to an IP address. CoreDNS runs as a DNS server inside the cluster and populates entries for each Service (and optionally each Pod).

CoreDNS watches for Service creation and adds DNS records.

CoreDNS itself is exposed via a Service (kube‑dns) and configured as the nameserver for Pods.

Pods query CoreDNS to obtain the Service IP and then connect.

Kube‑proxy – DNAT Between Service and Backend Pods

Kube‑proxy runs on every node, watches Services and their Endpoints, intercepts traffic destined for a Service IP, and rewrites the destination to the actual Pod IP.

How the Pieces Work Together

Interaction flow:

The target Service is registered in CoreDNS.

Pods resolve the Service name via CoreDNS.

The Pod sends a request to the Service IP.

Kube‑proxy translates the Service IP to a backend Pod IP.

Summary

The article reveals the three native Kubernetes objects—ClusterIP Service, CoreDNS, and Kube‑proxy—that make service‑to‑service communication possible while abstracting the underlying network details from applications.

Original source: https://medium.com/codex/east-west-communication-in-kubernetes-how-do-services-communicate-within-a-cluster-310e9dc9dd53