EndpointSlices and Service Topology
Understand EndpointSlices for scalable service discovery in Kubernetes. Covers topology-aware routing and traffic localization for large clusters.
π‘ Quick Answer: EndpointSlices replace Endpoints for clusters with 100+ pod backends. Enable topology-aware routing with
service.kubernetes.io/topology-mode: Autoto prefer same-zone backends β reducing cross-zone data transfer costs by 60-80%.
The Problem
With the legacy Endpoints API, every endpoint change (pod scale, rolling update) sends the FULL endpoint list to every node. For a Service with 1000 pods, thatβs 1000 endpoints Γ N nodes = massive etcd and network overhead. EndpointSlices split this into manageable chunks.
The Solution
EndpointSlices
apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
name: web-frontend-abc12
labels:
kubernetes.io/service-name: web-frontend
addressType: IPv4
endpoints:
- addresses: ["10.244.1.5"]
conditions:
ready: true
zone: "eu-west-1a"
nodeName: worker-1
- addresses: ["10.244.2.8"]
conditions:
ready: true
zone: "eu-west-1b"
nodeName: worker-3
ports:
- name: http
port: 8080
protocol: TCPEach EndpointSlice holds up to 100 endpoints. A Service with 500 pods = 5 EndpointSlices.
Topology-Aware Routing
apiVersion: v1
kind: Service
metadata:
name: web-frontend
annotations:
service.kubernetes.io/topology-mode: Auto
spec:
selector:
app: web-frontend
ports:
- port: 80
targetPort: 8080With topology-mode: Auto, kube-proxy routes traffic to same-zone endpoints when possible:
graph TD
subgraph Zone A
CLIENT[Client Pod<br/>Zone A] -->|Prefer local| BACKEND_A[Backend Pod<br/>Zone A]
end
subgraph Zone B
BACKEND_B[Backend Pod<br/>Zone B]
end
subgraph Zone C
BACKEND_C[Backend Pod<br/>Zone C]
end
CLIENT -.->|Fallback if Zone A<br/>has no ready pods| BACKEND_B
CLIENT -.->|Fallback| BACKEND_CEndpoints vs EndpointSlices Performance
| Metric | Endpoints | EndpointSlices |
|---|---|---|
| 1000 pod Service update | Full 1000-entry object | Only affected slice (~100 entries) |
| etcd write size | Large (O(n)) | Small (O(1) per slice) |
| kube-proxy memory | High | 10x lower at scale |
| API server watch traffic | High | Significantly reduced |
Common Issues
Topology-aware routing sends all traffic to one zone
If zone capacity is imbalanced (10 pods in zone A, 2 in zone B), Kubernetes falls back to cluster-wide routing. Ensure even pod distribution with topology spread constraints.
EndpointSlice not updating β stale endpoints
Check EndpointSlice controller: kubectl get events -n kube-system | grep endpointslice. Ensure the Service selector matches pod labels exactly.
Best Practices
- EndpointSlices are the default since K8s 1.21 β no action needed for most clusters
- Enable topology-aware routing for multi-zone clusters β reduces cross-zone costs
- Combine with topology spread constraints β even distribution enables topology routing
- Monitor EndpointSlice count β too many slices (>50 per Service) indicates churn
- Legacy Endpoints API still works β but causes performance issues above ~300 pods per Service
Key Takeaways
- EndpointSlices are the scalable replacement for the Endpoints API
- Each slice holds up to 100 endpoints β updates are incremental, not full-list
- Topology-aware routing prefers same-zone backends β reduces cross-zone data transfer
topology-mode: Autofalls back to cluster-wide if zone capacity is imbalanced- Essential for large clusters (100+ pods per Service) β 10x less API server and etcd load
Recommended
Kubernetes Recipes β The Complete Book100+ production-ready patterns with detailed explanations, best practices, and copy-paste YAML. Everything in one place.
Get the Book βLearn by Doing
CopyPasteLearn β Hands-on Cloud & DevOps CoursesMaster Kubernetes, Ansible, Terraform, and MLOps with interactive, copy-paste-run lessons. Start free.
Browse Courses β
π Deepen Your Skills β Hands-on Courses
Courses by CopyPasteLearn.com β Learn IT by Doing
Want More Kubernetes Recipes?
This recipe is from Kubernetes Recipes, our 750-page practical guide with hundreds of production-ready patterns.