https://drive.google.com/file/d/1yYMw000jMYmwQ2B88Y471PPlHWq5ygHA/view?usp=sharing
ports in a Pod?π¨ Important:
Declaring
containerPortdoes NOT publish the port outside the cluster (like-pin Docker).Itβs documentation + integration aid for:
- Services (to know which port to target)
- Tools like
kubectl port-forward- Network policies
- Human readability
Kubernetes does not block traffic if you omit ports β your app can still listen on any port. But best practice = always declare it.
pod-with-ports.yml (Minimal)apiVersion: v1
kind: Pod
metadata:
name: nnwebserver
spec:
containers:
- name: nnwebserver
image: lovelearnlinux/webserver:v1
ports:
- containerPort: 80
name: http
protocol: TCP
pod-simple-with-ports.yml (Realistic + Namespace)apiVersion: v1
kind: Pod
metadata:
name: nnappone
namespace: learning # β New! Isolates resources
labels:
app: nnappone # β Used by Services/selectors
spec:
containers:
- name: networknuts-app
image: lovelearnlinux/webserver:v1
ports:
- containerPort: 80
name: http
protocol: TCP
π‘ Key Additions in pod-simple-with-ports.yml:
namespace: learning: Scopes the Pod to a custom namespace (notdefault).labels: Critical for later (Services, Deployments).- Comments: Explain the full workflow β excellent for labs!
| Concept | Why It Matters |
|---|---|
containerPort |
Tells Kubernetes which port the app listens on (for introspection). |
name: http |
Allows referencing the port by name (e.g., in Services: targetPort: http). |
protocol: TCP |
Default is TCP, but you can use UDP (e.g., for DNS, streaming). |
| Namespace | Logical cluster partition β avoids naming conflicts, enables multi-tenancy. |
| Labels | Foundation for Service discovery (selector: { app: nnappone }). |
Weβll use pod-simple-with-ports.yml since it includes namespace + labels.
# 1. Create the 'learning' namespace
kubectl create namespace learning
# 2. Deploy the Pod
kubectl apply -f pod-simple-with-ports.yml
# 3. Verify it's running
kubectl get pods -n learning
# Should show: nnappone 1/1 Running
# 4. Get Pod IP and Node
kubectl describe pod nnappone -n learning | grep -E "IP:|Node:"
# Example output:
# IP: 10.244.0.5
# Node: minikube/192.168.49.2
# 5. OPTION A: Test from inside the cluster (using another Pod)
kubectl run tester --image=curlimages/curl -it --rm -- sh -n learning
# Inside shell:
curl <http://10.244.0.5>
# β Should return "Welcome to Network Nuts!"
# 6. OPTION B: Port-forward to your local machine
kubectl port-forward pod/nnappone 8080:80 -n learning
# Then open browser or run:
curl <http://localhost:8080>
# 7. Clean up
kubectl delete pod nnappone -n learning
kubectl delete namespace learning
π‘ Why not curl directly from your laptop to Pod IP?
Pod IPs are only reachable from inside the cluster (unless youβre on the node and have network access). Thatβs why we use
port-forwardor a temporary tester Pod.