Home > Software design >  What's the default Kubernetes policy to distribute requests for an internal ClusterIP service?
What's the default Kubernetes policy to distribute requests for an internal ClusterIP service?

Time:02-01

I have been wondering how an internal Kubernetes service distributes the load of requests made from within the cluster to all PODs associated with the service. For example, given the following simple service from K8s docs.

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app.kubernetes.io/name: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376

I understand that the default service type is ClusterIP when the type property is not specified. But I couldn't find any docs clearly stating how all requests for this kind of service are distributed across the selected PODs.

The far I've got was to this post where there's a comment from Tim Hockin stating the following

The load is random, but the distribution should be approximately equal for non-trivial loads. E.g. when we run tests for 1000 requests you can see it is close to equal.

Is this the policy followed by CluterIP services? Can someone give more clarity on this topic?

CodePudding user response:

The request load distribuition depends on what proxy mode is configured in your cluster on the kube-proxy. Often the chosen configuration is iptables. And according to the documentation on it:

In this mode, kube-proxy watches the Kubernetes control plane for the addition and removal of Service and EndpointSlice objects. For each Service, it installs iptables rules, which capture traffic to the Service's clusterIP and port, and redirect that traffic to one of the Service's backend sets. For each endpoint, it installs iptables rules which select a backend Pod. By default, kube-proxy in iptables mode chooses a backend at random.

Usually this configuration is fine as probability will spread your requests somewhat evenly across pods. But if you need more more control over that you can change that configuration to IPVS mode where you can use round robin, least connections, among other options. More information on it can be seen here.

I hope this helps.

  • Related