Kubernetes Networking Deep Dive
category: DevOps
tags: kubernetes, networking, cni, containers
Pod-to-Pod Communication
- Each pod gets its own IP address
- Pods can communicate directly without NAT
- CNI plugins handle network implementation
- Flat network space across all nodes
Service Types
ClusterIP - Internal cluster communication (default)
- Only accessible within cluster
- Load balances across pod endpoints
- DNS resolution via service name
NodePort - External access via node ports
- Exposes service on each node's IP
- Port range: 30000-32767
- Good for development, not production
LoadBalancer - Cloud provider integration
- Provisions external load balancer
- Cloud-specific implementation
- Automatic external IP assignment
ExternalName - Maps to external DNS
- CNAME record for external services
- No proxying involved
- Used for service migration
Network Policies
- Firewall-style rules for pod traffic
- Default: with no policy applied, all pods can communicate
- Ingress and egress rules
- Requires CNI plugin support
CNI Plugins
- Calico - Layer 3, network policies
- Flannel - Simple overlay network
- Weave - Mesh networking
- Cilium - eBPF-based, advanced features
Last updated: 2025-08-26 20:00 UTC