Kubernetes Service Types - Interactive Comparison

🔒

ClusterIP

✓ Internal cluster access only

✓ Virtual IP within cluster

✓ Default service type

✓ No external exposure

BEST FOR:

Internal microservices, databases, backend APIs

🚪

NodePort

✓ External access via node IP

✓ Opens port on every node

✓ Port range: 30000-32767

✓ Builds on ClusterIP

BEST FOR:

Testing, demos, small deployments without load balancer

☁️

LoadBalancer

✓ External load balancer

✓ Cloud provider integration

✓ Public IP assignment

✓ Builds on NodePort

BEST FOR:

Production apps on cloud (AWS ELB, GCP LB, Azure LB)

🔗

ExternalName

✓ CNAME DNS mapping

✓ Points to external service

✓ No proxying involved

✓ DNS-level redirect

BEST FOR:

External databases, legacy systems, third-party APIs

ClusterIP - Internal Service

Service ClusterIP: 10.96.0.10

Service Port: 80

Target Port (Pod): 8080

Access Method: my-service.default.svc.cluster.local

apiVersion: v1 kind: Service metadata: name: my-service spec: type: ClusterIP # Default type selector: app: nginx ports: - port: 80 targetPort: 8080

Key Point: ClusterIP is the default service type. It exposes the service on an internal IP within the cluster. External clients cannot access it directly. Perfect for internal microservices communication.

NodePort - External Access via Node

External Access: 192.168.1.10:30080

NodePort: 30080 (30000-32767 range)

Service ClusterIP: 10.96.0.10:80

Target Port (Pod): 8080

apiVersion: v1 kind: Service metadata: name: my-nodeport-service spec: type: NodePort selector: app: nginx ports: - port: 80 targetPort: 8080 nodePort: 30080 # Optional, auto-assigned if not specified

Key Point: NodePort builds on ClusterIP by exposing the service on a static port on every node. External clients can access the service using any node's IP and the NodePort. Good for testing, but not ideal for production.

LoadBalancer - Cloud Provider Integration

Public Access: http://203.0.113.10

Load Balancer Type: Cloud Provider (AWS ELB / GCP LB / Azure LB)

NodePort (automatic): 30080

Service Port: 80 → 8080 (target)

apiVersion: v1 kind: Service metadata: name: my-loadbalancer-service spec: type: LoadBalancer selector: app: nginx ports: - port: 80 targetPort: 8080 protocol: TCP

Key Point: LoadBalancer builds on NodePort by provisioning an external load balancer from the cloud provider. This is the standard way to expose services to the internet in production on AWS, GCP, or Azure. Each service gets its own load balancer.

ExternalName - DNS CNAME Mapping

Service Name: my-external-service

External CNAME: database.example.com

DNS Resolution: my-external-service → database.example.com

Proxying: None (pure DNS redirect)

apiVersion: v1 kind: Service metadata: name: my-external-service namespace: default spec: type: ExternalName externalName: database.example.com # No selector, ports, or clusterIP needed

Key Point: ExternalName creates a DNS CNAME record pointing to an external service. When pods query the service name, they get redirected to the external DNS name. No proxying or load balancing occurs. Perfect for integrating with external databases, legacy systems, or third-party APIs.