0

I have two Kubernetes developpements: one with a Grafana pod, and the other with an InfluxDB pod.

I want:

1) to expose my Grafana:3000 to the outside word

2) Grafana to be able to connect to InfluxDB:8086

I've seen it done with two separate "services": one Grafana Service (type = NodePort, target port = 3000) and one InfluxDB service (type = ClusterIP, target port = 8086).

It works ok. Yet can/should it be done with just one "service" ?

Grim
  • 57
  • 1
  • 5

2 Answers2

3

For north south traffic i.e exposing a service outside the cluster LoadBalancer or preferably ingress is better than NodePort because when NodePort is used if the Node IP or Port changes then the clients need to make changes in the endpoint that they are using to access the service.

For east-west traffic between services within the cluster clusterIP service is good enough.

Arghya Sadhu
  • 41,002
  • 9
  • 78
  • 107
  • North-south traffic and east-wast traffic should be defined separately ? I.e using separate services ? – Grim May 18 '20 at 15:07
  • 1
    Yeah that's recommended because it brings in separation of concerns.For north south traffic you need to put more security such as TLS, WAF, DDOS protection which is not required typically for east-west inter micro service communication within the cluster – Arghya Sadhu May 18 '20 at 15:11
0

Use ingress. You can use Nginx, Caddy, or other tool provide ingress service and define the routing of the ingress there.

Arief Darmawan
  • 181
  • 2