What is the difference between Istio VirtualService and Kubernetes Service?
Istio's VirtualServices provides, as every Istio's extensions, some additionals features such as external traffic routing/management (Pod to external communication, HTTPS external communication, routing, url rewriting...).
Take a look at this doc about it for more details : https://istio.io/docs/reference/config/networking/virtual-service
They can be both useful, as you need "classic" Services to manage ingress traffic or service-to-service communication.
Steve.
Kubernetes service
Kubernetes service
manage a pod's networking. It specifies whether your pods are exposed internally (ClusterIP
), externally (NodePort
or LoadBalancer
) or as a CNAME of other DNS entries (externalName
).
As an example this foo-service
will expose the pods with label app: foo
. Any requests sent to the node on port 30007
will be forwarded to the pod on port 80
.
apiVersion: v1kind: Servicemetadata: name: foo-servicespec: type: NodePort selector: app: foo ports: - port: 80 targetPort: 80 nodePort: 30007
Istio virtualservice
Istio virtualservice
is one level higher than Kuberenetes service
. It can be used to apply traffic routing, fault injection, retries and many other configurations to services
.
As an example this foo-retry-virtualservice
will retry 3 times with a timeout 2s each for failed requests to foo
.
apiVersion: networking.istio.io/v1alpha3kind: VirtualServicemetadata: name: foo-retry-virtualservicespec: hosts: - foo http: - route: - destination: host: foo retries: attempts: 3 perTryTimeout: 2s
Another example of this foo-delay-virtualservice
will apply a 0.5s delay to 0.1% of requests to foo
.
apiVersion: networking.istio.io/v1alpha3kind: VirtualServicemetadata: name: foo-delay-virtualservicespec: hosts: - foo http: - fault: delay: percentage: value: 0.1 fixedDelay: 5s route: - destination: host: foo
Ref
https://kubernetes.io/docs/concepts/services-networking/service/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/https://istio.io/latest/docs/reference/config/networking/virtual-service/https://istio.io/latest/docs/concepts/traffic-management/#virtual-services
Virtual Service:
It defines a set of traffic routing rules to apply to a kubernetes service or subset of service based on the matching criteria. This is something similar to kubernetes Ingress object. It plays a key role on Istio's traffic management flexible and powerful.
Kubernetes Service:
It can be a logical set of pods and defined as an abstraction on top of pods which provides single DNS name or IP.