Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the "port" used for for a Kubernetes Service

Tags:

kubernetes

Considering a very simple service.yaml file:

kind: Service
apiVersion: v1
metadata:
  name: gateway-service
spec:
  type: NodePort
  selector:
    app: gateway-app
  ports:
  - name: gateway-service
    protocol: TCP
    port: 80
    targetPort: 8080
    nodePort: 30080

We know that service will route all the requests to the pods with this label app=gateway-app at port 8080 (a.k.a. targetPort). There is another port field in the service definition, which is 80 in this case here. What is this port used for? When should we use it?

From the documentation, there is also this line:

By default the targetPort will be set to the same value as the port field.

Reference: https://kubernetes.io/docs/concepts/services-networking/service/

In other words, when should we keep targetPort and port the same and when not?

like image 692
Yuchen Avatar asked Apr 22 '19 16:04

Yuchen

People also ask

What is port in Kubernetes service?

Port exposes the Kubernetes service on the specified port within the cluster. Other pods within the cluster can communicate with this server on the specified port. TargetPort is the port on which the service will send requests to, that your pod will be listening on.

What port is needed for kubectl?

The ports required for a Kubernetes deployment are: 2379/tcp: Kubernetes etcd server client API (on master nodes in multi-master deployments) 2380/tcp: Kubernetes etcd server client API (on master nodes in multi-master deployments) 6443/tcp: Kubernetes API server (master nodes)

2 Answers

In a nodePort service you can have 3 types of ports defined:

TargetPort:

As you mentioned in your question, this is the corresponding port to your pod and essentially the containerPorts you have defined in your replica manifest.

Port (servicePort):

This defines the port that other local resources can refer to. Quoting from the Kubernetes docs:

this Service will be visible [locally] as .spec.clusterIP:spec.ports[*].port

Meaning, this is not accessible publicly, however you can refer to your service port through other resources (within the cluster) with this port. An example is when you are creating an ingress for this service. In your ingress you will be required to present this port in the servicePort field:

  ...
        backend:
          serviceName: test
          servicePort: 80

NodePort:

This is the port on your node which publicly exposes your service. Again quoting from the docs:

this Service will be visible [publicly] as [NodeIP]:spec.ports[*].nodePort

like image 57
cookiedough Avatar answered Nov 15 '22 11:11

cookiedough

Port is what clients will connect to. TargetPort is what container is listening. One use case when they are not equal is when you run container under non-root user and cannot normally bind to port below 1024. In this case you can listen to 8080 but clients will still connect to 80 which might be simpler for them.

like image 22
Vasili Angapov Avatar answered Nov 15 '22 12:11

Vasili Angapov
Sign in to Comment

Related questions

k8s hpa can't get the cpu information [closed]
How can I give grafana user appropriate permission so that it can start successfully?
kubernetes - Couldn't able to join master node - error execution phase preflight: couldn't validate the identity of the API Server
Why Ingress NGINX removes my response headers
How to debug Kubernetes nginx Ingress redirection from HTTP to HTTPS
Hashicorp vault - Client sent an HTTP request to an HTTPS server - Readiness Probes
After certificates renewal, an error: "You must be logged in to the server (Unauthorized)"
What exactly does nginx.ingress.kubernetes.io/rewrite-target: /$1 mean in minikube annotation?
Which linux flavor is running
How to config simple login/pass authentication for kubernetes desktop UI
Label selector vs namespaces
How to manage page cache resources when running Kafka in Kubernetes
gitlab-runner kubernetes cache is ignored
No internet connectivity inside docker container running inside kubernetes with weave as networking
Specify Depends on in Kubernetes deployment
Why does istio-ingressgateway expose port 31400?
SignalR connection via K8S Ingress
How can I load balance reads on a master/slave redis setup?
Can't Access Kubernetes Service Exposed via NodePort
Error from server (NotFound): deployments.extensions "hello-node-64c578bdf8-jp7dt" not found

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!