Prerequisites: kubernetes
Pods come and go. A pod can be rescheduled to another node at any time, and it gets a new IP when it does, so any address you write down for a pod is correct only until the next reschedule. A Service is the answer to that. It is a fixed identity standing in front of a set of pods, so callers talk to the Service and never have to know which pods exist right now or where they sit.
See one on devata:
kubectl get svc -n monitoring kps-grafanaA Service selects its pods by label, and the cluster keeps a live list of the healthy ones behind it. That list is an endpointslice. The Service itself just needs an address that does not move. The default address it gets is a clusterip, reachable only from inside the cluster. Other Service types layer on top of that for outside reach: a NodePort on every node, or an external address from a load balancer like metallb.
The thing to hold is the indirection: one stable name and address out front, a changing set of real pods behind, and some component keeping the two connected. Who keeps them connected, and how, is the subject of kube-proxy and the walkthrough going-cilium-only.
Reference: Services.