- Port: Port is the port number which makes a service visible to other services running within the same K8s cluster. In other words, in case a service wants to invoke another service running within the same Kubernetes cluster, it will be able to do so using port specified against “port” in the service spec file.
- Target Port: Target port is the port on the POD where the service is running.
- Nodeport: Node port is the port on which the service can be accessed from external users using Kube-Proxy.
Take a look at following spec defining a sample service:
apiVersion: v1 kind: Service metadata: name: order-service spec: ports: - port: 8080 targetPort: 8170 nodePort: 32222 protocol: TCP selector: component: order-service-app
Pay attention to some of the following in above spec:
- The port is 8080 which represents that order-service can be accessed by other services in the cluster at port 8080.
- The targetPort is 8170 which represents the order-service is actually running on port 8170 on pods
- The nodePort is 32222 which represents that order-service can be accessed via kube-proxy on port 32222.
This is ipTables in Kubernetes which does the magic. It maintains the mapping of nodePort vs targetPort. K8s Kube-Proxy uses the ipTables to resolve the requests coming on a specific nodePort and redirect them to appropriate pods.