kube-proxy and iptables vs IPVS modes
WHAT IT TESTS: How Service virtual IPs actually route. OUTLINE: kube-proxy watches Services/endpoints and programs node rules so ClusterIP traffic is DNAT'd to a backend Pod; iptables uses sequential rule chains, IPVS uses a hash table with real…
WHAT IT TESTS: Whether you know what makes a virtual ClusterIP work. ANSWER OUTLINE: kube-proxy runs on each node, watches the API for Services and EndpointSlices, and programs kernel rules so traffic to a ClusterIP is rewritten (DNAT) to one of the backend Pod IPs. In iptables mode it installs linear rule chains and picks a backend with random probability; lookup cost grows with the number of rules.
Read the original → interview
- #kubernetes
- #kube-proxy
- #iptables
- #ipvs
- #networking
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.