135

I am new to Kubernetes and started reading through the documentation. There often the term 'endpoint' is used but the documentation lacks an explicit definition.

What is an 'endpoint' in terms of Kubernetes? Where is it located?

I could image the 'endpoint' is some kind of access point for an individual 'node' but that's just a guess.

Chris
  • 2,071
  • 4
  • 14
  • 22
  • Are you talking about the [Endpoint](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.12/#endpoints-v1-core) resource as used in a service or which one do you mean? Can you provide an example? – Michael Hausenblas Oct 17 '18 at 16:53
  • 1
    I stumbled over 'endpoint' in this article https://kubernetes.io/docs/concepts/services-networking/service/. – Chris Oct 17 '18 at 17:03
  • why endpoint ip is different from clusterip ? why nslookup resolves service to cluster ip if what is needed is endpoint ip within the cluster ? – Ciasto piekarz Feb 21 '21 at 21:57

7 Answers7

93

Pods expose themselves through endpoints to a service. It is if you will part of a pod.

enter image description here Source: Services and Endpoints

vadasambar
  • 447
  • 6
  • 14
  • 1
    In this image, the arrow leading into the Service is either a Load Balancer or Ingress, correct? – Timothy Pulliam Jun 14 '22 at 21:34
  • 1
    @TimothyPulliam Yeah, that's correct – Sayak Mukhopadhyay Jun 22 '22 at 12:19
  • 3
    That's a bit reductive. Service traffic can also come from other pods inside the cluster. Note that, in reality, the network traffic does not stop at the service as if it were a load balancer; the Service is an abstraction of DNS and iptables such that traffic destined for the service gets routed directly to the endpoints. – JakeRobb Jul 11 '22 at 20:32
92

While you're correct that in the glossary there's indeed no entry for endpoint, it is a well defined Kubernetes network concept or abstraction. Since it's of secondary nature, you'd usually not directly manipulate it. There's a core resource Endpoint defined and it's also supported on the command line:

$ kubectl get endpoints
NAME         ENDPOINTS            AGE
kubernetes   192.168.64.13:8443   10d

And there you see what it effectively is: an IP address and a port. Usually, you'd let a service manage endpoints (one EP per pod the service routes traffic to) but you can also manually manage them if you have a use case that requires it.

Phil
  • 401
  • 8
  • 18
Michael Hausenblas
  • 13,162
  • 4
  • 52
  • 66
  • 16
    After further reading about 'endpoint' in Kubernetes I now understand it as an object-oriented representation of a [REST API endpoint](https://smartbear.com/learn/performance-monitoring/api-endpoints/) that is populated on the [Kubernates API server](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/). Thus, the 'endpoint' in terms of Kubernetes is the way to access its resource (e.g. a Pod) - the resource behind the 'endpoint'. – Chris Oct 18 '18 at 08:37
  • 2
    Thanks for this answer. It's interesting indeed that Endpoint isn't defined in the glossary. I know it's not a term specific to Kubernetes... but neither is Service. Or Service Account. Or Volume. Or Node. Or Container! – Tim Malone Feb 25 '19 at 02:47
67

An endpoint is a resource that gets the IP addresses of one or more pods dynamically assigned to it, along with a port. An endpoint can be viewed using kubectl get endpoints.

An endpoint resource is referenced by a kubernetes service, so that the service has a record of the internal IPs of pods in order to be able to communicate with them.

We need endpoints as an abstraction layer because the 'service' in kubernetes acts as part of the orchestration to ensure distribution of traffic to pods (including only sending traffic to healthy pods). For example if a pod dies, a replacement pod will be generated, with a new IP address. Conceptually, the dead pod IP will be removed from the endpoint object, and the IP of the newly created pod will be added, so that the service is updated and 'knows' which pods to connect to.

Read 'Exposing pods to the cluster', then 'Creating a Service' here - https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#exposing-pods-to-the-cluster

An easy way to investigate and see the relationship is:

  • kubectl describe pods - and observe the IP addresses of your pods
  • kubectl get ep - and observe the IP addresses assigned to your endpoint
  • kubectl describe service myServiceName - and observe the Endpoints associated with your service

So no, the endpoint isn't anything to do with the IP of an individual node. I find it useful to understand the overall structure of kubernetes and the relationship between the cluster, nodes, services, endpoints and pods. This diagram summarises it nicely, and shows an ingress flow that results in the OSI layer 4 (the TCP layer) reaching a back end Node 1, with the OSI layer 7 (http layer) ingress ultimately reaching 'Web Container 1' in Pod 1:

enter image description here

powerful_clouds
  • 19
  • 5
Chris Halcrow
  • 28,994
  • 18
  • 176
  • 206
27

I'll answer your questions one by one:

What is an 'endpoint' in terms of Kubernetes?

(The resource name in K8S is Endpoints).

Endpoints is an object in kubernetes which represents a… List of Endpoints.
Those endpoints can be:

  1. An internal pod running inside the cluster - this is the form that is more familiar.
    It is created automatically behind the scenes for us when we create service and pods and match the service label selector to the pods labels.

  2. An external IP which is not a pod - this is the least known option.

The external IP can reside outside the cluster - for example external web server or database.
It can also reside in a different namespace - if you want to point your Service to a Service in a different Namespace inside your cluster.

Regarding external Endpoints - If you do not specify a label selector in your service - Kubernetes can’t create the list of endpoints because he doesn’t know which pods should be included and proxied by the service.

Where is it located?

Like the great diagrams provided here are shown - it sits between the service and an internal (pods) or external (web server, databases etc’) resources.

I could image the 'endpoint' is some kind of access point for an individual 'node' Its an access point to a resource that sits inside one of the nodes in your cluster.

An Endpoint can reside inside one of the nodes in your cluster, or outside your cluster / environment.

If its an internal endpoint (which means that the pod label matches a service label selector) - you can reach it with:

$kubectl describe svc/my-service


Name:                     my-service
Namespace:                default
Labels:                   <none>
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":" my-service","namespace":"...
Selector:                 run=some-run
Type:                     NodePort
IP:                       10.100.92.162
Port:                     <unset>  8080/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31300/TCP
Endpoints:                172.21.21.2:80,172.21.38.56:80,172.21.39.160:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

Or directly with:

$kubectl get endpoints my-service

NAME           ENDPOINTS                                       AGE
my-service   172.21.21.2:80,172.21.38.56:80,172.21.39.160:80   63d

Regarding external Enpoints:

You create a service without a label selector:

apiVersion: v1
kind: Service
metadata:
  name: my-service #<------ Should match the name of Endpoints object
spec:
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 9376

So the corresponding Endpoint object will not be created automatically and you manually add the Endpoints object and map the Service to the desired network address and port where the external resource is running:

apiVersion: v1
kind: Endpoints
metadata:
  name: my-service #<------ Should match the name of Service
subsets:
  - addresses:
      - ip: 192.0.2.45
    ports:
      - port: 9376

(Notice:) I used the term internal for the auto-generated Endpoints for pods that has a match with the label selector and the term external for Endpoints that were created manually.

I could used the terms auto-generated and manual instead - that would have been more accurate but I think more confusing also.

In most cases, when the Endpoints are related to pods inside our cluster - we would want them to be also managed by K8S - in this case they will also need to be generated by K8S.

Rot-man
  • 18,045
  • 12
  • 118
  • 124
9

Think of Endpoints as 'final destination to reach an app' or 'smth at the very end'

As you can see in bellow example: pod-IP = 10.32.0.2, service-Port* = 3306, endpoint = [pod-IP]:[service-Port]

Therefore for User Bob to reach the MySql application it should address to 10.32.0.2:3306 that is the last node in the network where he can find his required information.

endpoints in k8s

An simplistic example: I want to access Google Mail in this case for me/browser the endpoint will be gmail.com:443 similar with above example [pod-IP]:[service-Port]

jhook
  • 161
  • 2
  • 4
3
  1. Endpoints track the IP Addresses of the objects the service send traffic to.
  2. When a service selector matches a pod label, that IP Address is added to your endpoints.

Source: https://theithollow.com/2019/02/04/kubernetes-endpoints/

Nitin Bansal
  • 2,986
  • 3
  • 23
  • 30
0

In k8s, Endpoints is consisted of a distributed API like "[IP]:[Port]" and other things. However,in SOAP,Endpoint is a distributed API like URL.

from Google Cloud:

Endpoints is a distributed API management system. It provides an API console, hosting, logging, monitoring, and other features to help you create, share, maintain, and secure your APIs.

Jess Chen
  • 3,136
  • 1
  • 26
  • 35