I have create a pod with the below yaml definition.
apiVersion: v1
kind: Pod
metadata:
name: myapp-pod
labels:
app: myapp
spec:
containers:
- name: myapp-container
image: praveensripati/docker-demo:1.2
ports:
- containerPort: 3000
And now I expose the pod, which creates a service.
kubectl expose pod myapp-pod --type=NodePort
The port 3000 on the container is exposed to port 31728 on the nodes. And I am able to do access the page using curl on port 31728.
kubectl get service myapp-pod
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp-pod NodePort 10.107.254.254 <none> 3000:31728/TCP 5s
This time I wanted to expose the service not a random port, but on port 80. And so I specify the port number as 80, by using --port. The service details are a bit odd. It says that port 80 on the container is exposed to port 31316 on the nodes. Also, I am able to access the page using curl on the random port (31316 in this case) and not port 80.
kubectl expose pod myapp-pod --type=NodePort --target-port=3000 --port=80
kubectl get service myapp-pod
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp-pod NodePort 10.105.123.73 <none> 80:31316/TCP 12s
I am not able to expose a service on a specific port and not on a random port. I tried a few combinations and read the k8s documentation, but no success.
How do I expose a service on a specific port instead of a random port?
Your question is about exposing the NodePort type of service on a specific port. For that you need to specify the
nodePortportskind: Service
apiVersion: v1
metadata:
name: my-service
spec:
selector:
app: myapp
ports:
- protocol: TCP
port: 3000
nodePort: 32321
type: NodePort
Note that it has to be within a given range provided in the configs. Which defaults to
30000-32767--service-node-port-rangeI had the same problem and the only way I found to do it without modifying the files was:
k expose --type=NodePort deployment nginx --port 80 --name nginx-ep-patch --overrides '{ "apiVersion": "v1","spec":{"ports": [{"port":80,"protocol":"TCP","targetPort":80,"nodePort":30080}]}}'
service/nginx-ep-patch exposed
In this way we path online the configuration and the port 30080 has been exposed:
$ k describe svc nginx-ep-patch
Name: nginx-ep-patch
Namespace: default
Labels: app=nginx
Annotations: <none>
Selector: app=nginx
Type: NodePort
IP: 10.96.51.148
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 30080/TCP
Endpoints: 10.244.0.6:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
When an existing Dashboard service already exists, remove it.
kubectl delete service kubernetes-dashboard -n kube-systemExpose the Dashboard deployment as a NodePort.
kubectl expose deployment kubernetes-dashboard -n kube-system --type=NodePortThe above will assign a random port >= 30000. So use the Patch command to assign the port to a known, unused and desired port >= 30000.
kubectl patch service kubernetes-dashboard --namespace=kube-system --type='json' --patch='[{"op": "replace", "path": "/spec/ports/0/nodePort", "value":30000}]'Caution: Never expose your dashboard publicly without authentication.
If your cluster does not have a LoadBalancer Provider, you can specify externalIPs in IP of nodes' network interface.
For example:
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
type: ClusterIP
externalIPs:
- 125.100.99.101 # Node1-IP
- 125.100.99.102 # Node2-IP
- 192.168.55.112 # Node2-IP2
selector:
pod: nginx
ports:
- name: http
port: 80
- name: https
port: 443
This will listen 80 and 443 on the specified node, and forward to the nginx service.
I will try to answer your query here.
Also, I am able to access the page using curl on the random port (31316 in this case) and not port 80.
-- Because, kubernetes exposed the port 31316 on the host (maps to the service) and hence it can be accessed on host:31316.-- Service port is visible only within the kubernetes cluster. You can exec into a pod container and do a curl on servicename:service port instead of the NodePort.
Note the terms -
container port:Service port:Nodeport:we can expose Kubernetes service on specific node port.
Port value must be between 30000-32767.
We can expose service to specific port of below service types:
NodePort
LoadBalancer
Find the sample myservice.yaml file below:
apiVersion: v1
kind: Service
metadata:
name: app1
spec:
type: NodePort/LoadBalancer
ports:
- name: "80"
port: 80
nodePort: 32062
targetPort: 80
selector:
appone: app1
app: test
Note: In above service yaml file we can specify service type either NodePort or Loadbalancer.
Below you will find two working manifests that expose ArgoCD
Node1: If the service works with HTTPS one will need to deal with provisioning a valid certificate for the ingress.
Note2: The Ingress config posted is from Microk8s ingress
Post comments for guidance or other questions.
apiVersion: v1
kind: Service
metadata:
name: argocd-server-30k-node-port
namespace: argocd
spec:
type: NodePort
ports:
- port: 80
targetPort: 8080
nodePort: 30000
selector:
app.kubernetes.io/name: argocd-server
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: argocd-ingress namespace: argocd annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/ssl-passthrough: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true" spec: ingressClassName: nginx rules: - host: argocd http: paths: - path: / pathType: Prefix backend: service: name: argocd-server port: number: 8080
For those who need to use kubectl commands, you can create a NodePort service with a specified port using
create nodeportkubectl create nodeport NAME [--tcp=port:targetPort] [--dry-run=server|client|none]
For example:
kubectl create service nodeport myservice --node-port=31000 --tcp=3000:80
You can check Kubectl reference for more: