How to expose services internally in Kubernetes?

Category: Kubernetes

Short answer

Expose services internally using ClusterIP Services and DNS. Pods communicate via service names, which resolve to a virtual IP load-balanced across healthy endpoints.

Steps

  1. Create a Service with type: ClusterIP (the default when type is omitted).
  2. Ensure the backend Pods carry labels that match the Service's selector.
  3. Reference the service by name from client Pods.

Example

apiVersion: v1
kind: Service
metadata:
  name: database
spec:
  selector:
    app: postgres
  ports:
  - port: 5432
    targetPort: 5432

Connect from another Pod:

import psycopg2
conn = psycopg2.connect(host="database", port=5432)  # "database" is the Service name, resolved by cluster DNS

Tips

  • Use headless services for direct Pod-to-Pod communication.
  • Use internal Ingress for layer 7 routing inside the cluster.
  • Document service dependencies in architecture diagrams.

Common issues

  • DNS resolution fails when the client is in a different namespace and uses the bare service name; add the namespace suffix (for example, database.<namespace>).
  • Missing selectors leave the service with no endpoints.
  • Network policies can block internal traffic unexpectedly.
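
The selector and namespace issues listed above can be checked offline before deploying. The following is an added example, not part of the original page: it models which Pods a Service would route to and which host name a client must use. The manifests are constructed and trimmed, the namespaces (data, web, staging) and Pod names are hypothetical, and cluster.local is assumed as the cluster domain.

```python
# Added example: constructed manifests, trimmed to the fields the checks read.
SERVICE = {"metadata": {"name": "database", "namespace": "data"},
           "spec": {"selector": {"app": "postgres"}}}

def pod(name, namespace, labels, ready=True):
    """Build a minimal Pod dict with a Ready condition (constructed sample data)."""
    return {"metadata": {"name": name, "namespace": namespace, "labels": labels},
            "status": {"conditions": [
                {"type": "Ready", "status": "True" if ready else "False"}]}}

PODS = [
    pod("pg-0", "data", {"app": "postgres"}),
    pod("pg-1", "data", {"app": "postgres"}, ready=False),  # failing readiness
    pod("pg-typo", "data", {"app": "postgre"}),             # label typo
    pod("pg-other", "staging", {"app": "postgres"}),        # other namespace
]

def is_ready(p):
    """True when the Pod reports a Ready condition with status "True"."""
    return any(c["type"] == "Ready" and c["status"] == "True"
               for c in p["status"].get("conditions", []))

def endpoints_for(service, pods):
    """Names of Pods the Service would route to: same namespace, every
    selector key/value present in the Pod's labels, and Ready."""
    selector = service["spec"].get("selector") or {}
    if not selector:
        return []  # no selector: no endpoints are created automatically
    ns = service["metadata"]["namespace"]
    return [p["metadata"]["name"] for p in pods
            if p["metadata"]["namespace"] == ns
            and selector.items() <= p["metadata"].get("labels", {}).items()
            and is_ready(p)]

def dns_name(service, client_namespace, cluster_domain="cluster.local"):
    """Host name a client Pod should use; the bare Service name only
    resolves from inside the Service's own namespace."""
    name, ns = service["metadata"]["name"], service["metadata"]["namespace"]
    if client_namespace == ns:
        return name
    return f"{name}.{ns}.svc.{cluster_domain}"

if __name__ == "__main__":
    print("endpoints:", endpoints_for(SERVICE, PODS))
    print("from web :", dns_name(SERVICE, "web"))
```

An empty result from endpoints_for points at a selector or readiness problem rather than at DNS or a network policy.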