Service Overview
Kubernetes services allow you to expose your applications running on a set of Pods as a network service. They provide a stable endpoint to communicate with these Pods, irrespective of their lifecycle changes.
Service Types
- ClusterIP:
  kubectl expose pod <POD_NAME> --port=<PORT> --name=<SERVICE_NAME> --type=ClusterIP

  apiVersion: v1
  kind: Service
  metadata:
    name: my-clusterip-service
  spec:
    selector:
      app: my-app
    ports:
      - protocol: TCP
        port: 80
        targetPort: 8080
    type: ClusterIP
- NodePort:
  kubectl expose pod <POD_NAME> --port=<PORT> --name=<SERVICE_NAME> --type=NodePort

  apiVersion: v1
  kind: Service
  metadata:
    name: my-nodeport-service
  spec:
    selector:
      app: my-app
    ports:
      - protocol: TCP
        port: 80
        targetPort: 8080
        nodePort: 30080
    type: NodePort
- LoadBalancer:
  kubectl expose pod <POD_NAME> --port=<PORT> --name=<SERVICE_NAME> --type=LoadBalancer

  apiVersion: v1
  kind: Service
  metadata:
    name: my-loadbalancer-service
  spec:
    selector:
      app: my-app
    ports:
      - protocol: TCP
        port: 80
        targetPort: 8080
    type: LoadBalancer
Troubleshooting & Common Issues
- Check Service Details and Events:
  kubectl describe service <SERVICE_NAME>
  Look for any events or configurations that might seem out of place.
- Pods Not Matched by Selector: If you’re not getting traffic to your pods, it might be that the service selector doesn’t match any pods.
- Check Service’s Endpoints:
  kubectl get endpoints <SERVICE_NAME>
  This will show you which Pods (if any) are receiving traffic from the service.
- Restrictive Network Policies: Ensure your network policies aren’t so restrictive that they block traffic to your service’s pods.
- Validate Network Plugins: Ensure the cluster’s network plugins are functioning correctly, as they might be misconfigured or encountering errors.
- Cloud Provider Issues: Check if there are sufficient resources (like IP addresses) in your cloud account.
- Port Conflicts: For NodePort services, ensure that the designated port isn’t being used by another service on the node.
- Ping Test:
  ping <SERVICE_IP>
  From inside a Pod, try to ping the service IP to see if it’s reachable.
- Use curl or wget:
  curl <SERVICE_IP>
  Inside a Pod, use curl or wget to check the service response.
- External Connectivity: Test connectivity from outside the cluster. For LoadBalancers, ensure the right firewall rules are in place.
- Check CoreDNS (or kube-dns) Pods:
  kubectl get pods -n kube-system
  Ensure DNS pods are running and healthy.
- DNS Configuration in Pods: Check /etc/resolv.conf to see if nameservers and search domains are correctly set up.
- Check Pod Logs:
  kubectl logs <POD_NAME>
  For services routing traffic to specific pods, check the logs of those pods for any application-specific issues.
- Monitoring & Metrics: Check metrics for abnormal patterns like increased latency or error rates.
- Use netcat or nc:
  nc -l <PORT>
  Use these tools to listen on a specific port and check for incoming traffic.
- Check with istioctl: If you’re using Istio, the istioctl command-line tool can provide a lot of insights and diagnostics.
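The "Pods Not Matched by Selector" and "Check Service’s Endpoints" items above can be checked offline from exported objects. The following is an added example, not part of the original page: it compares a Service's selector and targetPort against pod labels and declared container ports. The function names, pod names and sample JSON are constructed for illustration.

```python
import json

# Constructed sample data, trimmed to the fields used here; real input would be
# `kubectl get service <SERVICE_NAME> -o json` and `kubectl get pods -o json`.
SERVICE = json.loads("""
{"metadata": {"name": "my-clusterip-service", "namespace": "default"},
 "spec": {"selector": {"app": "my-app"},
          "ports": [{"protocol": "TCP", "port": 80, "targetPort": 8080}]}}
""")
PODS = json.loads("""
{"items": [
 {"metadata": {"name": "web-1", "namespace": "default", "labels": {"app": "my-app"}},
  "spec": {"containers": [{"name": "c", "ports": [{"containerPort": 8080}]}]}},
 {"metadata": {"name": "web-2", "namespace": "default", "labels": {"app": "myapp"}},
  "spec": {"containers": [{"name": "c", "ports": [{"containerPort": 8080}]}]}},
 {"metadata": {"name": "web-3", "namespace": "default", "labels": {"app": "my-app"}},
  "spec": {"containers": [{"name": "c", "ports": [{"name": "http", "containerPort": 80}]}]}}
]}
""")

def selector_matches(selector, labels):
    """Every selector key must equal the pod's label; an empty selector selects nothing."""
    return bool(selector) and all(labels.get(k) == v for k, v in selector.items())

def diagnose(service, pods):
    """Return (names of pods the selector matches, list of findings)."""
    spec, namespace = service["spec"], service["metadata"].get("namespace", "default")
    selector = spec.get("selector") or {}
    matched = [p for p in pods["items"]
               if p["metadata"].get("namespace", "default") == namespace
               and selector_matches(selector, p["metadata"].get("labels") or {})]
    findings = []
    if not matched:
        findings.append(f"selector {selector} matches no pods in namespace {namespace}")
    for pod in matched:
        declared = [p for c in pod["spec"]["containers"] for p in c.get("ports", [])]
        known = {p["containerPort"] for p in declared} | {p["name"] for p in declared if "name" in p}
        for sp in spec.get("ports", []):
            target = sp.get("targetPort", sp["port"])
            # A named targetPort must be declared; for a numeric one this is only a
            # hint, because containerPort declarations are informational.
            if target not in known:
                findings.append(f"{pod['metadata']['name']}: targetPort {target} not declared by any container")
    return [p["metadata"]["name"] for p in matched], findings

if __name__ == "__main__":
    names, findings = diagnose(SERVICE, PODS)
    print("matched pods:", names)
    print("\n".join(findings) or "no findings")
```

In the sample, web-2 is skipped because its label is `app: myapp` rather than `app: my-app`, and web-3 is matched but flagged because it declares port 80 while the Service targets 8080.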