Just contact k8S involves more port to content, easy to confuse, here sorted as follows: \

directory

  • nodePort
  • port
  • targetPort
  • containerPort
  • Refer to the article

nodePort

NodePort provides a way for external clients to access services. NodePort provides a port for external clients to access services. NodeIP :nodePort provides an entrance for external traffic to access services in the K8S cluster.

For example, if an external user wants to access a Web application in the K8S cluster, the type of the service can be set to NodePort, NodePort =30001. Other users can access the Web service through the browser http://node:30001.

Services such as databases may not need to be accessed externally, but only by internal services, so we do not need to set the NodePort of the service.

port

Port is a port exposed on the Cluster IP. :port provides an access point for clients in the cluster to access the Service. ClusterIP :port

The mysql container exposes port 3306 (see DockerFile). Other containers in the cluster access the mysql service through port 33306, but external traffic cannot access the mysql service because NodePort is not configured for the mysql service. The corresponding service.yaml is as follows:

apiVersion: v1
kind: Service
metadata:
  name: mysql-service
spec:
  ports:
  - port: 33306
    targetPort: 3306
  selector:
    name: mysql-pod
Copy the code

targetPort

TargetPort is the port on pod. The data from port/nodePort flows into the targetPort of back-end POD through Kube-proxy, and finally into the container.

The same ports that were exposed when the container was made (using EXPOSE in DockerFile), such as the official Nginx (see DockerFile) that exposed port 80. The corresponding service.yaml is as follows:

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: NodePort            // Configure NodePort so that external traffic can access services in k8S
  ports:
  - port: 30080             // Service access port, a port for internal cluster access
    targetPort: 80          // Port defined in pod controller (port accessed by application)
    nodePort: 30001         // NodePort, the port accessed by external clients
  selector:
    name: nginx-pod
Copy the code

containerPort

ContainerPort is the port defined in the POD controller that the container in the POD needs to expose.

For example, the mysql service exposes port 3306 and Redis exposes port 6379

apiVersion: v1
kind: ReplicationController
metadata:
  name: redis-master
  labels: 
    name: redis-master
spec:
  replicas: 1
  selector:
    name: redis-master
  template:
    metadata:
      labels:
        name: redis-master
    spec:
      containers:
      - name: master
        image: kubeguide/redis-master
        ports:
        - containerPort: 6379	The exposed port is defined here
Copy the code

Refer to the article

Kubernetes port, target port, node port comparison analysis, and kube-proxy kubernetes nodePort, targetPort, port difference and significance