# Services

A **Service** provides a stable network identity (DNS name + virtual IP) and load balancing to a set of Pods selected by labels.


## Why Services are used
- Pods are ephemeral; their IPs change.
- A Service gives a stable endpoint like `http://checkout.default.svc.cluster.local`.
- It load-balances traffic across all matching pods.


## Service types (common)
- **ClusterIP** (default): reachable inside the cluster.
- **NodePort**: opens a port on every node.
- **LoadBalancer**: provisions a cloud load balancer (cloud-dependent).
- **Headless** (`clusterIP: None`): no VIP; used with StatefulSets for stable DNS per pod.


## YAML template (pseudo)
```yaml
apiVersion: v1
kind: Service
metadata:
  name: checkout
spec:
  type: ClusterIP
  selector:
    app: checkout
  ports:
    - name: http
      port: 80
      targetPort: 8080
```


## Pitfalls
- If the `selector` does not match pod labels, the Service has no endpoints.
- NodePort/LoadBalancer expose traffic; ensure auth, TLS, and network controls.
- Use readiness probes so unready pods are removed from Service endpoints.

## References
- Services: https://kubernetes.io/docs/concepts/services-networking/service/
