Use NodePort Services to expose applications - Container Service for Kubernetes

In Kubernetes, a Service is an abstraction to expose an application running on a set of pods as a network service. This topic uses an NGINX stateless application as an example to demonstrate how to use a NodePort Service within a Container Service for Kubernetes (ACK) Edge cluster to expose an application.

Use the NodePort Service

In ACK Edge clusters, edge nodes that reside in different virtual private clouds (VPCs) cannot communicate directly. Therefore, load balancers are not applicable at the edge. The common approach for exposing services externally is to use a NodePort Service. The figure below depicts the implementation of a NodePort Service in an ACK Edge cluster. Once the NodePort Service is deployed and the backend pods are selected, the backend service can be accessed directly through the node IP address and port. For more information about Service types and their details, see Services quick start.

Usage notes

Nodes in an ACK Edge cluster are often distributed across multiple network domains, which hinders communication between nodes and containers that reside in different domains.

To ensure that traffic is only directed to the backend pods of the current node or node pool, configure a Service topology. This can help mitigate network connection issues that may arise from traffic being routed to backend pods in other network domains. For more information, see Configure a Service topology.
To listen to node ports across different network domains and avoid port conflicts, we recommend that you set up port isolation. For more information, see Configure NodePort listening based on node pools.

Procedure

Step 1: Deploy an application

Use the following YAML template to create a file named nginx.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6
        ports:
        - containerPort: 80

Run the following command to deploy the application:
```
kubectl apply -f nginx.yaml
```

Run the following command to check the deployment status of the application:

kubectl get deployment nginx

Expected output:

NAME       READY   UP-TO-DATE   AVAILABLE   AGE
nginx      2/2     2            2           43s

Step 2: Use the NodePort Service

Use the following Service YAML template to create a file named nginx-svc.yaml:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx-svc
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:                # The spec.selector corresponds to the spec.selector.matchLabels in nginx.yaml.
    app: nginx
  type: NodePort

Run the following command to create a Service named nginx-svc.yaml for application exposure:
```
kubectl apply -f nginx-svc.yaml
```

Run the following command to verify the creation of the NodePort Service:

kubectl get svc my-nginx-svc

Expected output:

NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)        AGE
nginx-svc    NodePort    192.168.xxx.xxx   <none>        80:31309/TCP   3s

Run the following command to access the application:

curl <Node-IP>:31309 # Replace <Node-IP> with the node address that you want to access.