Not Exposing Event Broker Services to External Traffic

If there is no requirement to expose the event broker service outside the Kubernetes cluster (to the public Internet or to another VPC/VNet), Solace recommends that the customer configure the Mission Control Agent to deploy the Kubernetes Service with the type ClusterIP.

Using ClusterIP only

ClusterIP is the default Kubernetes Service type. A ClusterIP service is created within the cluster and is accessible by other pods within that cluster. As shown below, a customer can have clients that access different services (yellow and blue) from different worker nodes within the Kubernetes cluster.

Compared to using an integrated external load balancer, NodePort, or ClusterIP with External IP, using ClusterIP has the following advantages and disadvantages:

Advantages

  • You get all the functionality of a load balancer solution provided within a cluster
  • Requires no resources because the creation of a ClusterIP is fully handled by the Kubernetes networking layer

Disadvantages

  • The service is not accessible by clients that are not running as a pod inside the Kubernetes cluster, or directly on a Worker node in the same Kubernetes cluster

For more information, see Connecting Applications with Services in the Kubernetes documentation.
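
To confirm that no event broker service ended up with one of the externally reachable options compared above (load balancer, NodePort, or ClusterIP with External IP), you can audit the Service list from the cluster. The following is an added example, not Solace's own tooling; the `solace` namespace, service names, IPs and ports in the sample are constructed, and the input is assumed to have the shape of `kubectl get svc -A -o json` output.

```python
import json

# Constructed sample shaped like `kubectl get svc -A -o json` output.
# Namespace, names, IPs and ports are invented for this example.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "solace", "name": "broker-a"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 55555}]}},
 {"metadata": {"namespace": "solace", "name": "broker-b"},
  "spec": {"type": "ClusterIP", "externalIPs": ["203.0.113.10"],
           "ports": [{"port": 55555}]}},
 {"metadata": {"namespace": "solace", "name": "broker-c"},
  "spec": {"type": "NodePort", "ports": [{"port": 55555, "nodePort": 30555}]}},
 {"metadata": {"namespace": "solace", "name": "broker-d"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 55443, "nodePort": 31443}]}},
 {"metadata": {"namespace": "solace", "name": "broker-e"},
  "spec": {"ports": [{"port": 8080}]}}
]}
""")


def exposure(svc):
    """Return the reasons a Service is reachable from outside the cluster."""
    spec = svc.get("spec", {})
    svc_type = spec.get("type", "ClusterIP")  # an omitted type defaults to ClusterIP
    reasons = []
    if svc_type in ("NodePort", "LoadBalancer"):
        reasons.append(f"type={svc_type}")
    if spec.get("externalIPs"):  # the "ClusterIP with External IP" case
        reasons.append("externalIPs=" + ",".join(spec["externalIPs"]))
    node_ports = [str(p["nodePort"]) for p in spec.get("ports", []) if p.get("nodePort")]
    if node_ports:  # ports opened on every worker node
        reasons.append("nodePorts=" + ",".join(node_ports))
    return reasons


def audit(service_list, namespace=None):
    """Map 'namespace/name' to exposure reasons for every non-internal Service."""
    findings = {}
    for svc in service_list.get("items", []):
        meta = svc.get("metadata", {})
        if namespace and meta.get("namespace") != namespace:
            continue
        reasons = exposure(svc)
        if reasons:
            findings[f"{meta.get('namespace')}/{meta.get('name')}"] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE, "solace").items():
        print(f"EXPOSED {name}: {'; '.join(reasons)}")
```

A plain ClusterIP service, or one with the type omitted, produces no finding; anything else in the result is worth reviewing against the requirement that the broker stays internal to the cluster.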