Creating a NodePort Service in OKS

A NodePort is a type of Kubernetes service that exposes your application on all worker nodes through a specified TCP/UDP port, allowing external access to the service.

You can create a NodePort service using OKS.

Creating a NodePort Service

Kubernetes allows you to open ports within the following range: 30000-32767.

To create a NodePort service, you need to attach the required annotations to your manifests.

Service manifests are the YAML or JSON configuration files defining the desired state of a Service resource. They describe how a service is exposed within your OKS cluster, with details such as:

  • The service type (ClusterIP, NodePort, LoadBalancer),

  • The ports that the service should expose,

  • The selector for the pods that the service targets,

  • All relevant annotations or labels.

The following example creates a KeyDB installation accessible on port 30379, from the 1.2.3.4/32 IP only.

Manifest Sample
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: keydb-deployment
  name: keydb-deployment
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: keydb-deployment
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: keydb-deployment
      # annotations sit next to labels in the pod template metadata, not under them
      annotations:
        cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
        nplc.oks.outscale.com/safe-to-delete: "true"
    spec:
      containers:
      - image: eqalpha/keydb:alpine
        name: keydb-container
        ports:
        - containerPort: 6379
        resources:
          requests:
            cpu: 1
        volumeMounts:
        - name: data
          mountPath: /keydb-master-data
        - name: keydb-config
          mountPath: /keydb-master
      volumes:
      - name: keydb-config
        configMap:
          name: my-keydb-config
      - name: data
        emptyDir: {}
status: {}
---
apiVersion: v1
kind: Service
metadata:
  name: keydb-service
  namespace: default
  labels:
    app: keydb-deployment
  annotations:
    service.oks.outscale.com/source-ranges: "1.2.3.4/32"
spec:
  ports:
  - port: 6379
    targetPort: 6379
    nodePort: 30379
  selector:
    app: keydb-deployment
  type: NodePort

Using Annotations In Your NodePorts

The table below lists supported annotations for your OKS NodePort services.

Lists should be comma-separated unless specified otherwise.

| Annotation | Description | Default value |
|---|---|---|
| service.oks.outscale.com/source-ranges | The list of CIDRs allowed to access the NodePort. For example: 1.2.3.4/32, 5.6.7.8/32, 9.10.11.12/32. 0.0.0.0/0 allows you to open access to the whole Internet. | None (no access) |
| service.oks.outscale.com/oks-target-node-pools | The list of nodes to allow external access to. For example: nodepool-1, big-nodes, web-facing. | None (all worker nodes) |
| nplc.oks.outscale.com/safe-to-delete | Bypasses maintenance upgrade limitations. Required when more than one custom volume is defined in the node pool spec (only the root volume is allowed) or when pods with hostPath volumes (not daemonsets/static pods) are present. Can be applied at the node pool level (nodeAnnotations), directly on nodes, or on affected pods. | None |
| cluster-autoscaler.kubernetes.io/safe-to-evict | Applied to pods with hostPath volumes to allow eviction during upgrades. Has the same effect as setting nplc.oks.outscale.com/safe-to-delete: "true". | None |
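The rules stated on this page (NodePort range 30000-32767, a comma-separated CIDR list in service.oks.outscale.com/source-ranges, no access when it is unset, 0.0.0.0/0 meaning the whole Internet) can be checked before a manifest is applied. The following Python script is an added example, not part of the OKS documentation or tooling; the /24 width threshold, the service() helper and every manifest except keydb-service are constructed for illustration.

```python
import ipaddress
import json

NODEPORT_MIN, NODEPORT_MAX = 30000, 32767   # range stated on this page
SOURCE_RANGES = "service.oks.outscale.com/source-ranges"
MIN_PREFIX = 24   # assumption: local policy, IPv4 ranges wider than /24 get flagged

def audit_service(svc):
    """Return findings for one Service manifest given as a dict."""
    spec = svc.get("spec", {})
    if svc.get("kind") != "Service" or spec.get("type") != "NodePort":
        return []
    findings = []
    for port in spec.get("ports", []):
        node_port = port.get("nodePort")
        if node_port is not None and not NODEPORT_MIN <= node_port <= NODEPORT_MAX:
            findings.append(f"nodePort {node_port} outside {NODEPORT_MIN}-{NODEPORT_MAX}")
    raw = (svc.get("metadata", {}).get("annotations") or {}).get(SOURCE_RANGES)
    if not raw:
        return findings + ["source-ranges not set: default is no access"]
    for item in (part.strip() for part in raw.split(",")):
        try:
            net = ipaddress.ip_network(item, strict=False)
        except ValueError:
            findings.append(f"invalid CIDR {item!r}")
            continue
        if net.prefixlen == 0:
            findings.append(f"{item} opens the NodePort to the whole Internet")
        elif net.version == 4 and net.prefixlen < MIN_PREFIX:
            findings.append(f"{item} is wider than /{MIN_PREFIX}")
    return findings

def service(name, node_port, ranges=None):
    """Build a constructed NodePort Service manifest shaped like the page's sample."""
    meta = {"name": name, "namespace": "default"}
    if ranges is not None:
        meta["annotations"] = {SOURCE_RANGES: ranges}
    return {"apiVersion": "v1", "kind": "Service", "metadata": meta,
            "spec": {"type": "NodePort", "selector": {"app": "keydb-deployment"},
                     "ports": [{"port": 6379, "targetPort": 6379, "nodePort": node_port}]}}

# Constructed sample input: the first entry mirrors the page's keydb-service.
SAMPLES = [service("keydb-service", 30379, "1.2.3.4/32"),
           service("keydb-open", 30380, "1.2.3.4/32, 0.0.0.0/0"),
           service("keydb-unset", 30381),
           service("keydb-bad", 8080, "10.0.0.0/8, 5.6.7.8/33")]

if __name__ == "__main__":
    for svc in SAMPLES:
        print(json.dumps({svc["metadata"]["name"]: audit_service(svc)}))
```

A manifest written in JSON can be passed to audit_service after json.load, since the function only expects the parsed dictionary.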
