What are Kubernetes Services?

A Service provides a stable network endpoint (DNS name + IP) for accessing a set of Pods, regardless of which pods are running or their IPs (pods are ephemeral — their IPs change). Services use label selectors to identify target pods. Service types: (1) ClusterIP (default): virtual IP accessible only within the cluster. Used for internal service-to-service communication. DNS: my-service.my-namespace.svc.cluster.local; (2) NodePort: exposes service on each node's IP at a static port (30000-32767). Accessible externally: NodeIP:NodePort. Not for production — limited to specific nodes; (3) LoadBalancer: provisions a cloud load balancer (AWS ALB/NLB, GCP Load Balancer). Accessible externally via the LB IP. Standard for production external services. Cost: one LB per service; (4) ExternalName: maps service to an external DNS name (CNAME). No proxying — DNS alias to external service. Service spec: apiVersion: v1 kind: Service metadata: name: my-service spec: selector: app: my-app type: ClusterIP ports: - protocol: TCP port: 80 # Service port targetPort: 3000 # Container port. Headless service: clusterIP: None — no virtual IP, DNS returns individual pod IPs. Used with StatefulSets for stable pod DNS. Load balancing: kube-proxy uses iptables or IPVS to distribute traffic across pod endpoints. Session affinity: sessionAffinity: ClientIP.