K
Q

kubectl port-forward can be dangerous used in prod environment?

12/4/2019

I would like to know if port-forward blocks other requests to the pod like redis, mongo, etc.

If I use kubectl port-foward command with mongo port for example, the mongo server will not receive the data ?

-- BruceStackOverFlow
kubernetes
portforwarding
production-environment

Similar Questions

Odp.Net core support for kubernetes
uid : unable to do port forwarding: socat not found using helm
Istio VirtualService rewrite prefix works like exact match
Getting "Unable to recognize \"hello-k8s.yml\": Unauthorized" error when running kubectl apply -f hello-k8s.yml in CodeBuild phase
Kubectl commands cannot be executed from another VM
How to update /etc/services for k8s pod / Docker container
Deployment affinity
NFS/hostPath mount as non-root in kubernetes

1 Answer

12/4/2019

As per your comment, kubectl port-forward does not block any exposed traffic to the target pod. So adding portforward won't affect others.

What portforward does is simply making a specific request to the API server. (see doc)

Going further, I don't think port-forward makes pod more "dangerous" (vulnerable against security), however it is generally used for debugging to scope into the pod, not to expose a service in the pod. Use Nodeport service for production. Plus, port-forward has default timeout setting in kubelet.

-- dropyourcoffee
Source: StackOverflow