What is the difference between Istio VirtualService and Kubernetes Service?

Kubernetes service

Kubernetes service manage a pod's networking. It specifies whether your pods are exposed internally (ClusterIP), externally (NodePort or LoadBalancer) or as a CNAME of other DNS entries (externalName).

As an example this foo-service will expose the pods with label app: foo. Any requests sent to the node on port 30007 will be forwarded to the pod on port 80.

apiVersion: v1
kind: Service
metadata:
  name: foo-service
spec:
  type: NodePort
  selector:
    app: foo
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30007

Istio virtualservice

Istio virtualservice is one level higher than Kuberenetes service. It can be used to apply traffic routing, fault injection, retries and many other configurations to services.

As an example this foo-retry-virtualservice will retry 3 times with a timeout 2s each for failed requests to foo.

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: foo-retry-virtualservice
spec:
  hosts:
  - foo
  http:
  - route:
    - destination:
        host: foo
    retries:
      attempts: 3
      perTryTimeout: 2s

Another example of this foo-delay-virtualservice will apply a 0.5s delay to 0.1% of requests to foo.

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: foo-delay-virtualservice
spec:
  hosts:
  - foo
  http:
  - fault:
      delay:
        percentage:
          value: 0.1
        fixedDelay: 5s
    route:
    - destination:
        host: foo

Ref

https://kubernetes.io/docs/concepts/services-networking/service/ https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ https://istio.io/latest/docs/reference/config/networking/virtual-service/ https://istio.io/latest/docs/concepts/traffic-management/#virtual-services


Istio's VirtualServices provides, as every Istio's extensions, some additionals features such as external traffic routing/management (Pod to external communication, HTTPS external communication, routing, url rewriting...).

Take a look at this doc about it for more details : https://istio.io/docs/reference/config/networking/virtual-service

They can be both useful, as you need "classic" Services to manage ingress traffic or service-to-service communication.

Steve.


Virtual Service:

It defines a set of traffic routing rules to apply to a kubernetes service or subset of service based on the matching criteria. This is something similar to kubernetes Ingress object. It plays a key role on Istio's traffic management flexible and powerful.

Kubernetes Service:

It can be a logical set of pods and defined as an abstraction on top of pods which provides single DNS name or IP.

Tags:

Kubernetes

Istio

Recent Posts