There are two kubelet nodes and each kubelet node contains several containers including server with wildfly. Even though I do not define containerPort <> hostPort, the management console can be reached with port 9990 from outside. I do not have any clue, why?
- name: server
image: registry/server:develop-latest
ports:
- name: server-https
containerPort: 8443
hostPort: 8443
In docker container inspect <container-id> I see:
"ExposedPorts": {
"9990/tcp": {},
...
So,
- Why container port 9990 is exposed? and
- Why containerPort 9990 is mapped to hostPort and I can reach the port 9990 from outside?
2
Answers
You can expose the port in two places, when you run the container, and when you build the image. Typically you only do the latter since exposing the port is documentation of what ports are likely listening for connections inside the container (it doesn’t have any affect on networking).
To see if the port was exposed at build time, you can run:
And if that port wasn’t exposed in your build, then it was likely exposed in your base image.
...I can reach the port 9990 from outside?
Presumed "outside" here means the host network; then
hostNetwork: true
in your pod spec would allow that in this case.Otherwise, please post the complete spec and describe the url/endpoint you used to "reach the port 9990" in your question.