Kubernetes Networking on Outbound Packet

Question

I have created a k8s service (type=loadbalancer) with a numbers of pods behind. To my understanding, all packets initiazed from the pods will have the source ip as PodIP, wheareas those responding the inbound traffic will have the source ip as LoadBalancer IP. So my questions are:

1. Is my claim true, or there are times the source IP will be the node IP instead?
2. Are there any tricks in k8s, which I can change the source IP in the first scenario from PodIP to LB IP??
3. Any way to specify a designated pod IP??

Answer 1

The Pods are running in the internal network while the load balancer is exposed on the Internet, so the addresses of the packets will look more or less like this:

  [pod1]    <----->       [load balancer]           <----->    [browser]
10.1.0.123           10.1.0.234    201.123.41.53              217.123.41.53

For specifying the pod IP have a look at SessionAffinity.

Answer 2

As user315902 said, Azure ACS k8s exposed service to internet with Azure load balancer.

Architectural diagram of Kubernetes deployed via Azure Container Service:

Is my claim true, or there are times the source IP will be the node IP instead?

If we expose the service to internet, I think the source IP will be the load balancer public IP address. In ACS, if we expose multiple services to internet, Azure LB will add multiple public IP addresses.

Are there any tricks in k8s, which I can change the source IP in the first scenario from PodIP to LB IP??

Do you mean you want to use node public IP address to expose the service to internet? if yes, I think we can't use node IP to expose service to internet. In Azure, we had to use LB to expose service to internet.