Separating internal and external services
Internal services are services that are accessed directly only by other services or jobs in the cluster (or administrators that log in and run ad-hoc tools). In some cases, internal services are not accessed at all, and just perform their function and store their results in a persistent store that other services access in a decoupled way.
But some services need to be exposed to users or external programs. Let's look at a fake Hue service that manages a list of reminders for a user. It doesn't do anything, but we'll use it to illustrate how to expose services.
I pushed the dummy Hue-reminders image to DockerHub:
docker push g1g1/hue-reminders:v2.2
Deploying an internal service
Here is the deployment, which is very similar to the Hue-learner deployment, except that I dropped the annotations, env, and resources sections, kept just one label to save space, and added a ports section to the container. That's crucial, because a service must expose a port through...
