为什么我们需要在 Kubernetes deployment/container 定义中使用 port/containerPort?
Why do we need a port/containerPort in a Kuberntes deployment/container definition?
当我定义例如在 kubernetes 中部署有一个包含容器列表的部分,每个容器都包含一个端口数组,例如:
apiVersion: apps/v1
kind: Deployment
spec:
template:
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
现在文档 here 明确表示它不会影响连接:
List of ports to expose from the container. Exposing a port here gives
the system additional information about the network connections a
container uses, but is primarily informational. Not specifying a port
here DOES NOT prevent that port from being exposed. Any port which is
listening on the default "0.0.0.0" address inside a container will be
accessible from the network. Cannot be updated.
现在看来它并没有真正影响任何东西,只是提供信息,但这到底是什么意思,用在哪里?
我发现它的一个用途是,如果端口定义了一个名称,则可以通过该名称从服务中引用它。
是这个规格还是其他用途?
当您引用文档时,
List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
定义containerPorts的目的纯粹是为了文档。它仅供其他开发人员用于了解容器监听的端口。 Kubernetes 从 docker 中借鉴了这个想法,它对 EXPOSE 命令的作用与 here.
中提到的相同
当我定义例如在 kubernetes 中部署有一个包含容器列表的部分,每个容器都包含一个端口数组,例如:
apiVersion: apps/v1
kind: Deployment
spec:
template:
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
现在文档 here 明确表示它不会影响连接:
List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
现在看来它并没有真正影响任何东西,只是提供信息,但这到底是什么意思,用在哪里?
我发现它的一个用途是,如果端口定义了一个名称,则可以通过该名称从服务中引用它。
是这个规格还是其他用途?
当您引用文档时,
List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
定义containerPorts的目的纯粹是为了文档。它仅供其他开发人员用于了解容器监听的端口。 Kubernetes 从 docker 中借鉴了这个想法,它对 EXPOSE 命令的作用与 here.