Services in Kubernetes facilitate internal communication within the cluster. But many times, you need to expose a Kubernetes service to the outside world or external clients.
Kubernetes Node Port Service is one of the easiest ways to do so.
In this post, I will explain how to create a Kubernetes Node Port service and access it from outside the cluster.
1 – What is Kubernetes Node Port Service?
A Node Port service is a special type of service in Kubernetes.
For this service type, each cluster node opens a port on the node itself. Any incoming traffic received on that port is directed to the underlying service and the associated pods.
Here’s what it looks like in practice:
Basically, the service is not only accessible on the usual internal cluster IP and port. You can also access it through a dedicated port on all nodes.
For more details, check out this post on accessing a Kubernetes cluster ip service.
2 – How to create a Kubernetes Node Port Service?
Creating a Node Port service in Kubernetes is quite simple.
In the YAML for the service, we just set the type to NodePort.
See the below example:
apiVersion: v1
kind: Service
metadata:
  name: nodeport-demo
spec:
  type: NodePort
  ports:
    - port: 80
      targetPort: 3000
      nodePort: 30100
  selector:
    app: hello-service
A few things to keep in mind:
- The type field has the value NodePort.
- In the ports section, the port value is the port of the service’s internal cluster IP.
- The targetPort value is the target port of the backing pods. For example, if I have a webserver listening on port 3000, the targetPort value will be 3000.
- The nodePort value is the port where the service will be accessible on each of the cluster nodes.
- Lastly, the selector helps identify the backing pods for the service.
The Range of NodePort service port
The nodePort has a range from 30000 to 32767. In other words, you could potentially deploy 2768 NodePort services.
If you don’t specify a value, Kubernetes will automatically allocate a suitable port number to the NodePort service.
3 – The NodePort Service in Action
After using the kubectl apply command, you should be able to find the NodePort service in the list.
NAME            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
demo            ClusterIP   10.100.68.216   <none>        80/TCP         8d
nodeport-demo   NodePort    10.103.152.86   <none>        80:30100/TCP   4s
Note the TYPE of the service and the port mapping.
In case you are using something like Docker Desktop, you can now simply access the service with http://localhost:30100.
For other cloud platforms, you may have to configure firewall rules to let external clients access the NodePort service.
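Because every nodePort is opened on all cluster nodes, the firewall rules should match exactly what the services expose. The following Python script is an added example, not code from the original post: it inventories node ports from service JSON and lists the ones missing from an approved set. The sample JSON is constructed, and the metrics service, the approved_ports set and the function names are assumptions made for illustration.

```python
import json

# The 30000-32767 range given in the post (the Kubernetes default).
DEFAULT_RANGE = range(30000, 32768)

# Constructed sample shaped like `kubectl get services -A -o json` output.
SAMPLE = json.loads("""
{"kind": "List", "items": [
  {"metadata": {"name": "demo", "namespace": "default"},
   "spec": {"type": "ClusterIP",
            "ports": [{"port": 80, "targetPort": 3000, "protocol": "TCP"}]}},
  {"metadata": {"name": "nodeport-demo", "namespace": "default"},
   "spec": {"type": "NodePort", "selector": {"app": "hello-service"},
            "ports": [{"port": 80, "targetPort": 3000, "nodePort": 30100,
                       "protocol": "TCP"}]}},
  {"metadata": {"name": "metrics", "namespace": "ops"},
   "spec": {"type": "NodePort", "selector": {"app": "metrics"},
            "ports": [{"port": 9090, "targetPort": 9090, "nodePort": 31000,
                       "protocol": "TCP"}]}}
]}
""")


def node_port_exposures(service_list):
    """Return one record per port that every node opens to the network."""
    found = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        for p in spec.get("ports", []):
            if "nodePort" not in p:  # ClusterIP-only port, not on the nodes
                continue
            found.append({
                "service": f'{meta.get("namespace", "default")}/{meta.get("name")}',
                "node_port": p["nodePort"],
                "protocol": p.get("protocol", "TCP"),
                "target_port": p.get("targetPort", p.get("port")),
                "in_default_range": p["nodePort"] in DEFAULT_RANGE,
            })
    return sorted(found, key=lambda e: e["node_port"])


def unreviewed(exposures, approved_ports):
    """Node ports that are open but absent from the approved allowlist."""
    return [e for e in exposures if e["node_port"] not in approved_ports]


if __name__ == "__main__":
    for e in unreviewed(node_port_exposures(SAMPLE), approved_ports={30100}):
        print(f'{e["service"]} exposes {e["node_port"]}/{e["protocol"]} on every node')
```

The check keys on the presence of nodePort rather than on the service type, so any service that has a node port allocated is included in the inventory.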
Conclusion
The Kubernetes NodePort service is probably the most primitive approach to expose a service outside the Kubernetes cluster.
Why primitive?
It’s because a client can send the request to any node. But if that particular node is down, the client cannot access the service anymore. Therefore, it makes sense to have a load balancer in front of the nodes to spread requests across all healthy nodes.
To get around these issues, there are other more sophisticated ways of accessing a service from outside the Kubernetes cluster.
More on that in later posts.
You can, however, use the NodePort service in various cases such as this Jenkins Kubernetes setup process.