Chapter 10. Networking

Just as with any distributed system, Kubernetes relies on the network in order to provide connectivity between services, as well as for connecting external users to exposed workloads.

Managing networking in traditional application architectures has always proven quite difficult. In many organizations, there was a segregation of duties—developers would create their applications, and operators would be responsible for running them. Many times, as the application evolved, the needs from the networking infrastructure would drift. In the best of scenarios, the application simply would not operate, and an operator would take corrective action. However, in the worst of scenarios, significant gaps in areas like network security would arise.

Kubernetes allows developers to define network resources and policies that can live alongside their application deployment manifests. These resources and policies may be well scoped by cluster administrators and can leverage any number of best-of-breed technology implementations using common abstraction layers. By removing developers from the nuts and bolts of how the network works, and by colocating the demands of the infrastructure with those of the application, we can have better assurances that our applications can be delivered in a consistent and secure manner.