Kubernetes Networking Language
5 exercises — Describe Service types, Ingress routing strategies, NetworkPolicy selector logic, CNI plugins, and cluster DNS in professional English.
0 / 5 completed
Quick reference: Kubernetes networking
- ClusterIP — default Service type; virtual IP reachable only within the cluster
- Ingress — manages HTTP/HTTPS routing to Services via host-based or path-based rules
- CNI — Container Network Interface; plugin that assigns pod IPs and enforces NetworkPolicies
1 / 5
Your application needs to be accessible only from within the Kubernetes cluster — no external ingress, no node-level port exposure. Which Service type is correct and why?
ClusterIP is the default and most restrictive Service type — the virtual IP it assigns is only routable inside the cluster, making it the natural choice for internal microservice communication.
LoadBalancer provisions an external cloud load balancer with a public IP — unnecessary and expensive for internal traffic. NodePort opens a port (30000–32767) on every node's external interface, exposing the service to anything that can reach the nodes. ExternalName is a special type used to alias an external DNS name, not to restrict access. ClusterIP gives you stable internal DNS (service-name.namespace.svc.cluster.local), load balancing across pod endpoints, and zero external exposure by default.
Key vocabulary:
• ClusterIP — default Service type; virtual IP reachable only from within the cluster
• NodePort — exposes the service on a static port on every node's external IP; accessible externally
• LoadBalancer — provisions a cloud load balancer with a public IP; extends NodePort externally
LoadBalancer provisions an external cloud load balancer with a public IP — unnecessary and expensive for internal traffic. NodePort opens a port (30000–32767) on every node's external interface, exposing the service to anything that can reach the nodes. ExternalName is a special type used to alias an external DNS name, not to restrict access. ClusterIP gives you stable internal DNS (service-name.namespace.svc.cluster.local), load balancing across pod endpoints, and zero external exposure by default.
Key vocabulary:
• ClusterIP — default Service type; virtual IP reachable only from within the cluster
• NodePort — exposes the service on a static port on every node's external IP; accessible externally
• LoadBalancer — provisions a cloud load balancer with a public IP; extends NodePort externally