Services in Kubernetes facilitate internal communication within the cluster. But many times, you need to expose a Kubernetes service to the outside world or external clients.
Kubernetes Node Port Service is one of the easiest ways to do so.
In this post, I will explain how to create a Kubernetes Node Port service and access it from outside the cluster.
1 – What is Kubernetes Node Port Service?
A Node Port service is a special type of service in Kubernetes.
For this service type, each cluster node opens a port on the node itself. Any incoming traffic received on that port is directed to the underlying service and the associated pods.
Here’s what it looks like in practice:
Basically, the service is not only accessible on the usual internal cluster IP and port. You can also access it through a dedicated port on all nodes.
For more details, check out this post on accessing a Kubernetes cluster ip service.
2 – How to create a Kubernetes Node Port Service?
Creating a Node Port service in Kubernetes is quite simple.
In the YAML for the service, we just set the type to
See the below example:
apiVersion: v1 kind: Service metadata: name: nodeport-demo spec: type: NodePort ports: - port: 80 targetPort: 3000 nodePort: 30100 selector: app: hello-service
Few things to keep in mind:
typefield has the value NodePort.
- In the
portvalue is the port of the service’s internal cluster IP.
targetPortvalue is the target pod of the backing pods. For example, if I have a webserver listening on port 3000, the
targetPortvalue will be 3000.
nodePortvalue is the port where the service will be accessible on each of the cluster nodes.
- Lastly, the
selectorhelps identify the backing pods for the service.
The Range of NodePort service port
nodePort has a range from 30000 to 32767. In other words, you could potentially deploy 2768 NodePort services.
If you don’t specify a value, Kubernetes will automatically allocate a suitable port number to the NodePort service.
3 – The NodePort Service in Action
After using the
kubectl apply command, you should be able to find the NodePort service in the list.
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo ClusterIP 10.100.68.216 <none> 80/TCP 8d nodeport-demo NodePort 10.103.152.86 <none> 80:30100/TCP 4s
TYPE of the service and the port mapping.
In case you are using something like Docker Desktop, you can now simply access the service with
For other cloud platforms, you may have to configure firewall rules to let external clients access the NodePort service.
The Kubernetes NodePort service is probably the most primitive approach to expose a service outside the Kubernetes cluster.
It’s because a client can send the request to any node. But if that particular node is down, the client cannot access the service anymore. Therefore, it makes sense to have a load balancer in front of the nodes to spread requests across all healthy nodes.
To get around these issues, there are other more sophisticated ways of accessing a service from outside the Kubernetes cluster
More on that in later posts.
You can, however, use the NodePort service in various cases such as this Jenkins Kubernetes setup process.