Exposing services to the web

Exposing containers to the internet is a common task in Kubernetes, and there are several ways to accomplish it. The main building blocks are Services and Endpoints.

A Service in Kubernetes provides a single IP address and DNS name for a group of pods. It acts as an intermediary between the pods and their clients, which may be other workloads in the cluster or, depending on the Service type, the outside world, and it forwards traffic to the correct pod. There are several types of Services in Kubernetes, including ClusterIP, NodePort, LoadBalancer, and ExternalName.

The ClusterIP Service is the default Service type and is only accessible within the cluster. The NodePort Service opens a specific port on each node in the cluster and maps it to a port on the Service. The LoadBalancer Service creates a load balancer in the cloud provider, providing an external IP address for accessing the Service. The ExternalName Service maps a Service to an external DNS name.

Endpoints are a list of IP addresses and ports for pods that belong to a Service. When a Service receives a request, it uses the Endpoints to determine which pod to forward the request to.

In summary, Services and Endpoints are essential components in exposing containers to the internet in Kubernetes. They provide a way to access containers from outside the cluster and ensure that traffic is routed to the correct pods. The choice of Service type will depend on the specific requirements of the application, including accessibility, load balancing, and security.

Take the following basic nginx Deployment. The Service manifests after it show the different ways it can be exposed.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80

NodePort

apiVersion: v1
kind: Service
metadata:
  name: nginx-node-port
spec:
  selector:
    app: nginx
  ports:
  - name: http
    port: 80
    targetPort: 80
    nodePort: 30080  # must fall within the cluster's node port range (default 30000-32767)
  type: NodePort

ClusterIP

apiVersion: v1
kind: Service
metadata:
  name: nginx-cluster-ip
spec:
  selector:
    app: nginx
  ports:
  - name: http
    port: 80
    targetPort: 80
  type: ClusterIP

LoadBalancer

apiVersion: v1
kind: Service
metadata:
  name: nginx-load-balancer
spec:
  selector:
    app: nginx
  ports:
  - name: http
    port: 80
    targetPort: 80
  type: LoadBalancer

In this example, the nginx deployment creates three replicas of the nginx container. The Service type determines how the deployment can be reached. With the NodePort Service, the deployment can be accessed from outside the cluster at any node’s IP address and the specified node port (30080). With the ClusterIP Service, the deployment can be accessed only within the cluster, by the Service’s IP address. With the LoadBalancer Service, the deployment can be accessed from outside the cluster by the external IP address provided by the cloud provider.
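
To review which of these Services are reachable from outside the cluster, the type rules above can be applied to the JSON that `kubectl get services -o json` returns. The following is an added example, not part of the original page: the input is constructed, the fourth Service (nginx-lb-restricted) and its source range are hypothetical, and the function names are illustrative.

```python
import json

# Constructed input shaped like `kubectl get services -o json`. The first three
# names are this page's Services; nginx-lb-restricted is hypothetical.
SAMPLE = json.dumps({"items": [
    {"metadata": {"name": "nginx-node-port"},
     "spec": {"type": "NodePort",
              "ports": [{"port": 80, "targetPort": 80, "nodePort": 30080}]}},
    {"metadata": {"name": "nginx-cluster-ip"},
     "spec": {"ports": [{"port": 80, "targetPort": 80}]}},  # type omitted
    {"metadata": {"name": "nginx-load-balancer"},
     "spec": {"type": "LoadBalancer", "ports": [{"port": 80, "targetPort": 80}]}},
    {"metadata": {"name": "nginx-lb-restricted"},
     "spec": {"type": "LoadBalancer",
              "loadBalancerSourceRanges": ["203.0.113.0/24"],
              "ports": [{"port": 80, "targetPort": 80}]}},
]})


def classify(service):
    """Return (exposure, detail) for one Service object."""
    spec = service.get("spec", {})
    kind = spec.get("type", "ClusterIP")  # ClusterIP is the default type
    if kind == "NodePort":
        node_ports = [p["nodePort"] for p in spec.get("ports", []) if "nodePort" in p]
        return "external", f"every node IP, port(s) {node_ports}"
    if kind == "LoadBalancer":
        ranges = spec.get("loadBalancerSourceRanges")
        if ranges:
            # Enforcement of source ranges depends on the cloud provider.
            return "external-restricted", f"load balancer, sources {ranges}"
        return "external", "load balancer, any source address"
    if kind == "ExternalName":
        return "internal", f"DNS alias for {spec.get('externalName')}"
    return "internal", "cluster-internal IP only"


def audit(services_json):
    """Map each Service name to its (exposure, detail) pair."""
    items = json.loads(services_json)["items"]
    return {s["metadata"]["name"]: classify(s) for s in items}


if __name__ == "__main__":
    for name, (exposure, detail) in audit(SAMPLE).items():
        print(f"{name:22} {exposure:20} {detail}")
```

Against a live cluster, pass the output of `kubectl get services --all-namespaces -o json` to `audit` instead of the sample.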