https://drive.google.com/file/d/1Z0gn4y0JFBx2YRg4a-zB9AsIr6RSfeTk/view?usp=sharing

๐Ÿ” YAML Breakdown

# Service
apiVersion: v1
kind: Service
metadata:
  name: nnweb-svc
  namespace: learning
  labels:
    app: hello-nn
spec:
  type: NodePort          # โ† Exposes on ALL node IPs
  ports:
  - port: 80              # โ† Service port (internal)
    nodePort: 30003       # โ† Fixed external port (30000-32767)
    protocol: TCP
  selector:
    app: hello-nn         # โ† Must match Deployment labels

---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello-deploy
  namespace: learning
spec:
  replicas: 2
  selector:
    matchLabels:
      app: hello-nn
  template:
    metadata:
      labels:
        app: hello-nn
    spec:
      containers:
      - name: webserver-pod
        image: lovelearnlinux/webserver:v1
        ports:
        - containerPort: 80

๐Ÿ”‘ Key Insight:

๐Ÿ“Œ How NodePort Works in k3s

Component Role
type: NodePort Tells Kubernetes to open a port on all nodes
nodePort: 30003 Fixed external port (optional; if omitted, k3s assigns random 30000-32767)
port: 80 Internal Service port (used by ClusterIP)
selector Links to Pods (app: hello-nn)
kube-proxy Configures iptables rules on each node to forward :30003 โ†’ Pods

๐ŸŽฏ Access Methods:

  1. Internal: curl http://nnweb-svc.learning.svc:80 (from inside cluster)
  2. External: curl http://<NODE-IP>:30003 (from laptop, browser, etc.)

๐Ÿ’ก k3s Advantage:

No cloud provider needed โ€” NodePort works out-of-the-box on bare metal!

๐Ÿงช k3s Lab: Deploy + Test External Access

๐Ÿ”ง Step 1: Deploy the Stack

# Create namespace
kubectl create namespace learning

# Apply Deployment + Service
kubectl apply -f service-nodeport.yml

# Verify
kubectl get deploy,svc,pods -n learning

๐Ÿ”ง Step 2: Verify Endpoints

# Check Pod IPs linked to Service
kubectl get endpoints nnweb-svc -n learning

# โœ… Expected:
# NAME         ENDPOINTS                         AGE
# nnweb-svc    10.42.0.10:80,10.42.1.15:80       10s

๐Ÿ”ง Step 3: Test Internal Access (ClusterIP)

# From a debug Pod
kubectl run debug -n learning --image=curlimages/curl -it --rm -- sh

# Inside shell:
curl <http://nnweb-svc:80>
# โœ… "Welcome to CrackOne!"

exit

๐Ÿ”ง Step 4: Test External Access (NodePort)

๐Ÿ’ก Get k3s node IPs:

kubectl get nodes -o wide
# NAME         STATUS   INTERNAL-IP
# k3s-master   Ready    192.168.1.10
# k3s-node1    Ready    192.168.1.11