Kubernetes pod access without mentioning container port

8/22/2018

I made a customer-pod (including image with a spring boot application running on port 8080).

** On the yaml file, I didnt explicitly write container port number like spec:containers:port:8080.

kind: Pod  
apiVersion: v1
metadata:
name: customer-pod
spec:
  containers:
    - name: customer-pod
      image: docker.temp.com/customer-service:8

I can check it with "$ kubectl get pods commands -o wide"

\===========================================

NAME READY STATUS RESTARTS AGE IP NODE

customer-pod 1/1 Running 0 43m 10.43.1.17 default

\===========================================

After that,

$ curl 10.43.1.17:8080
{"timestamp":"2018-08-22T05:58:58.938+0000","status":404,"error":"Not Found","message":"No message available","path":"/"}

I wonder how I can access the customer port(8080) without port open.
In case of Docker, I know that I should explicitly write a port in the run command to connect it.
In Kubernetes, are ports automatically open?

-- sury
kubernetes

1 Answer

8/22/2018

You do not open port in kubernetes. By default, all pods can communicate to each other, in most setups also node-to-port will be allowed. Refering to Docker you mean the port mapping -p option, which also is not port opening (you can access docker container ports if you use container IP even if not mapped to expose outside of container).

If you want to restrict cross-pod networking you need to use Network Policies and networking solution capable of enforcing them.

-- Radek 'Goblin' Pieczonka
Source: StackOverflow