kubectl port-forward can be dangerous used in prod environment?

12/4/2019

I would like to know if port-forward blocks other requests to the pod like redis, mongo, etc.

If I use kubectl port-foward command with mongo port for example, the mongo server will not receive the data ?

-- BruceStackOverFlow
kubernetes
portforwarding
production-environment

1 Answer

12/4/2019

As per your comment, kubectl port-forward does not block any exposed traffic to the target pod. So adding portforward won't affect others.

What portforward does is simply making a specific request to the API server. (see doc)

Going further, I don't think port-forward makes pod more "dangerous" (vulnerable against security), however it is generally used for debugging to scope into the pod, not to expose a service in the pod. Use Nodeport service for production. Plus, port-forward has default timeout setting in kubelet.

-- dropyourcoffee
Source: StackOverflow