External service integration via Endpoints
External service integration via Endpoints is a technique in Kubernetes that allows a cluster to internally connect to services running outside the cluster, such as an external database or a legacy application.^[400-devops-06-kubernetes-out-network-k8s.md] This method enables internal pods to access an external IP address using a standard Kubernetes Service name, effectively treating the external resource as part of the internal cluster network.^[400-devops-06-kubernetes-out-network-k8s.md]
Implementation via Headless Service
The integration is typically achieved by creating a Headless Service (a service with clusterIP: None) and manually defining an Endpoints object with the same name.^[400-devops-06-kubernetes-out-network-k8s.md]
Because the Kubernetes controller automatically creates Endpoints based on the label selectors of a Service, omitting the selector in the Service definition prevents this automatic behavior.^[400-devops-06-kubernetes-out-network-k8s.md] This allows the user to manually create a custom Endpoints resource that directs traffic to the external IP address.^[400-devops-06-kubernetes-out-network-k8s.md]
Configuration Example
The following configuration demonstrates how to map an internal service to an external IP address.^[400-devops-06-kubernetes-out-network-k8s.md]
Service Definition (mysql_svc.yml):
The Service is defined without a selector and with clusterIP: None to indicate it is headless.^[400-devops-06-kubernetes-out-network-k8s.md]
```yaml
apiVersion: v1
kind: Service
metadata:
  name: mysql-svc
  namespace: default
spec:
  clusterIP: None
  ports:
    - name: default-ep
      port: 3306
      protocol: TCP
      targetPort: 3306
  type: ClusterIP
```
Endpoints Definition: The Endpoints object must share the same name as the Service and contains the actual IP address of the external service.^[400-devops-06-kubernetes-out-network-k8s.md]
```yaml
apiVersion: v1
kind: Endpoints
metadata:
  name: mysql-svc
  namespace: default
subsets:
  - addresses:
      - ip: 114.32.146.154
    ports:
      - name: default-ep
        port: 3306
        protocol: TCP
```
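A pre-apply check for the Service/Endpoints pairing described above, as an added example that is not part of the original page. The function name `check_external_mapping` is hypothetical, the two manifests are transcribed from the page as Python dicts, and the broken pair is constructed for illustration.

```python
import ipaddress

def _ident(obj):
    meta = obj.get("metadata", {})
    return meta.get("namespace", "default"), meta.get("name")

def check_external_mapping(service, endpoints):
    """Return a list of problems in a selector-less Service / manual Endpoints pair."""
    problems = []
    spec = service.get("spec", {})
    # Endpoints are bound to a Service purely by namespace + name.
    if _ident(service) != _ident(endpoints):
        problems.append(f"identity mismatch: {_ident(service)} vs {_ident(endpoints)}")
    # With a selector, the controller manages Endpoints and overwrites manual ones.
    if spec.get("selector"):
        problems.append("Service has a selector")
    svc_ports = {p.get("name") for p in spec.get("ports", [])}
    for subset in endpoints.get("subsets", []):
        for port in subset.get("ports", []):
            if port.get("name") not in svc_ports:
                problems.append(f"port name {port.get('name')!r} not in Service")
        for addr in subset.get("addresses", []):
            try:
                ip = ipaddress.ip_address(addr.get("ip", ""))
            except ValueError:
                problems.append(f"invalid IP {addr.get('ip')!r}")
                continue
            # Kubernetes validation rejects these special ranges for endpoint IPs.
            if ip.is_unspecified or ip.is_loopback or ip.is_link_local:
                problems.append(f"disallowed endpoint IP {ip}")
    return problems

# The page's two manifests, transcribed as dicts (only the fields the check reads).
SERVICE = {"metadata": {"name": "mysql-svc", "namespace": "default"},
           "spec": {"clusterIP": "None", "type": "ClusterIP",
                    "ports": [{"name": "default-ep", "port": 3306, "targetPort": 3306}]}}
ENDPOINTS = {"metadata": {"name": "mysql-svc", "namespace": "default"},
             "subsets": [{"addresses": [{"ip": "114.32.146.154"}],
                          "ports": [{"name": "default-ep", "port": 3306}]}]}

# Constructed broken pair: selector present, port name mismatch, loopback address.
BAD_SERVICE = {"metadata": {"name": "mysql-svc"},
               "spec": {"selector": {"app": "mysql"},
                        "ports": [{"name": "default-ep", "port": 3306}]}}
BAD_ENDPOINTS = {"metadata": {"name": "mysql-svc", "namespace": "default"},
                 "subsets": [{"addresses": [{"ip": "127.0.0.1"}],
                              "ports": [{"name": "mysql", "port": 3306}]}]}
```
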
Verification
Once applied, internal pods can access the external service using the standard service DNS name (e.g., mysql-svc) or the fully qualified domain name.^[400-devops-06-kubernetes-out-network-k8s.md] For example, a utility Pod within the cluster can successfully curl an external web service mapped this way using its internal service address.^[400-devops-06-kubernetes-out-network-k8s.md]
Related Concepts
- [[Kubernetes Services]]
- [[Headless Service]]
- [[Service Discovery]]
- Ingress
Sources
^[400-devops-06-kubernetes-out-network-k8s.md]