You can receive the permission denied error when port forwarding with kubectl if the target port on the local host is already in use.

Ensure that you do not have a docker container or another application running on port 88.

kubectl fails to open the port 88 because it is a privileged port. All ports <1024 require special permissions.

There are many ways to solve your problem.

• You can stick to ports >= 1024, and use for example the port 8888 instead of 88: kubectl port-forward sa-frontend 8888:80
• You could use kubectl as root: sudo kubectl port-forward sa-frontend 88:80 (not recommended, kubectl would then look for its config as root)
• You could grant the kubectl binary the capability to open privileged ports. This answer explains in depth how to do this.

If you want to go for the 3rd option, here is a short way of doing it:

sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/bin/kubectl

This will let kubectl open any port while still running with the privileges of a regular user. You can check if this worked by using

sudo getcap /usr/bin/kubectl 
/usr/bin/kubectl = cap_net_bind_service+eip

Be aware that this grants the permission to whoever uses the binary. If you want finer grained permissions, use authbind.

I tried sudo as follows and it got me past the permission denied issue. sudo kubectl port-forward sa-frontend 88:80

I am now getting a different issue but will create a new tracker for that to keep things straight

Probably your localhost - the local machine is using ipv6 when ipv4 is expected.

Error listen tcp4 127.0.0.1:88: bind: permission denied, Unable to create listener: Error listen tcp6 [::1]:88: bind: permission denied

Please disable IPv6.

Can you show the output of?:

cat /proc/sys/net/ipv6/conf/all/disable_ipv6