NodePort service not accessible from outside via port number
I have the following service configuration:
kind: Service
apiVersion: v1
metadata:
name: web-srv
spec:
type: NodePort
selector:
app: userapp
tier: web
ports:
- protocol: TCP
port: 8090
targetPort: 80
nodePort: 31000
and behind this service is the nginx container. Although I can access the service via nodePort
, the service is not available via the box port
. I can see configurations with kubectl
and the Kubernetes panel, but curl
on this port (for example curl http://192.168.0.100:8090
) it throws a Disconnect communication error .
I'm not sure what the problem is. Do I need to make sure that any proxy services are running inside Node or container?
source to share
Obtain the IP address of the Kubernetes service and then press 8090; this will work. nodePort assumes the service is bound to node on port 31000.
These are three things that will work:
curl <node-ip>:<node-port> # curl <node-ip>:31000
curl <service-ip>:<service-port> # curl <svc-ip>:8090
curl <pod-ip>:<target-port> # curl <pod-ip>:80
So let's look at 3 situations:
1. You are inside a cluster of Kubernetes (you are a container)
<service-ip>
and <pod-ip>
u <node-ip>
will work.
2. You are on node
<service-ip>
and <pod-ip>
u <node-ip>
will work.
3. You are outside of node
<node-ip>
Will only work assuming it's <node-ip>
available.
source to share
The behavior is the same as expected as I am assuming that you are trying to access the service from outside the cluster. This means that it only nodePort
provides service to the world outside the cluster. port
refers to a port on a container, as shown by the container inside the container. This is generally the desired behavior to support clusters of services, which are typically represented by a load balancer. This way the load balancer will display the port that you want for its service (for example load-balancer:80
) and navigate to the Port node on all nodes to distribute the load.
If you access the service from within the cluster, you can access it through the service-name:service-port
built-in DNS.
More information can be found on the docs .
source to share