Use a NodePort Service to expose an application
Deploy NGINX and create a NodePort Service to route external traffic to pods through node IPs.
Because edge deployments typically lack a load balancer, NodePort Services are a common way to expose applications outside the cluster.
Objectives
-
Deploy an NGINX application with two replicas in an ACK Edge cluster.
-
Create a NodePort Service to expose the application.
-
Access the application through a node IP and port.
Prerequisites
Ensure you have:
-
An ACK Edge cluster with at least one node
-
kubectlconfigured to connect to the cluster -
Permissions to create Deployments and Services in the
defaultnamespace
Network constraints in ACK Edge clusters
Nodes in an ACK Edge cluster span multiple network domains, blocking cross-domain communication between nodes and pods:
-
To restrict traffic to backend pods on the current node or node pool, configure a Service topology.
-
To avoid port conflicts across network domains, configure port isolation per node pool (recommended) .
See Services quick start.
Deploy an application
-
Create a file named
nginx.yamlwith the following content:apiVersion: apps/v1 kind: Deployment metadata: name: nginx labels: app: nginx spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6 ports: - containerPort: 80 -
Apply the Deployment to create two NGINX pods:
kubectl apply -f nginx.yaml -
Verify that both pods are running:
kubectl get deployment nginxExpected output:
NAME READY UP-TO-DATE AVAILABLE AGE nginx 2/2 2 2 43sREADY 2/2confirms both replicas are up.
Create a NodePort Service
-
Create a file named
nginx-svc.yamlwith the following content:apiVersion: v1 kind: Service metadata: labels: app: nginx name: nginx-svc namespace: default spec: ports: - port: 80 # Port exposed by the Service within the cluster protocol: TCP targetPort: 80 # Port on the pod that receives traffic # nodePort is not set here; Kubernetes assigns one automatically (30000-32767) selector: app: nginx # Must match spec.selector.matchLabels in nginx.yaml type: NodePort -
Create the Service:
kubectl apply -f nginx-svc.yaml -
Verify the Service and note the assigned node port:
kubectl get svc nginx-svcExpected output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx-svc NodePort 192.168.xxx.xxx <none> 80:31309/TCP 3sThe number after the colon in
PORT(S)(31309here) is the node port. -
Access the application through any node IP and the node port:
curl <Node-IP>:31309Replace
<Node-IP>with the node's IP address.
If the node is in a different network domain than your client, direct access may fail. Configure a Service topology or port isolation as described in Network constraints in ACK Edge clusters.
Clean up
To delete the resources you created:
kubectl delete svc nginx-svc
kubectl delete deployment nginx
Next steps
-
Configure a Service topology — restrict NodePort traffic to pods on the same node or node pool
-
Configure NodePort listening based on node pools — isolate node port ranges per node pool to prevent conflicts