Sienna

Reputation: 1699

Mapping ports in Kubernetes

I'm trying to wrap my head around how Kubernetes (k8s) utilises ports. Having read the API documentation as well as the available docs, I'm not sure how the port mapping and port flow works.

Let's say I have three containers with an externally hosted database, my k8s cluster is three on-prem CoreOS nodes, and there is a software-defined load balancer in front of all three nodes to forward traffic to all three nodes on ports 3306 and 10082.

  1. Container A utilises incoming port 8080, needs to talk to Container B and C, but does not need external access. It is defined with Replication Controller A that has 1 replica.
  2. Container B utilises incoming port 8081 to talk to Container A and C, but needs to access the external database on port 3306. It is defined with Replication Controller B that has 2 replicas.
  3. Container C utilises incoming port 8082, needs to talk to Container A and B, but also needs external access on port 10082 for end users. It is defined with Replication Controller C that has 3 replicas.

I have three services to abstract the replication controllers.

  1. Service A selects Replication Controller A and needs to forward incoming traffic on port 9080 to port 8080.
  2. Service B selects Replication Controller B and needs to forward incoming traffic on ports 9081 and 3306 to ports 8081 and 3306.
  3. Service C selects Replication Controller C and needs to forward incoming traffic on port 9082 to port 8082.

I have one endpoint for the external database, configured on port 3306 with an IPv4 address.

Goals:

With that:

  1. When would I use each of the types of ports; i.e. port, targetPort, nodePort, etc.?

Upvotes: 1

Views: 4065

Answers (1)

Tim Hockin

Reputation: 3662

Thanks for the very detailed setup, but I still have some questions.

1) When you say "Container" {A,B,C} do you mean Pod? Or are A, B, C containers in the same Pod?

2) "Container B utilises incoming port 8081 to talk to Container A and C" - What do you mean that it uses an INcoming port to talk to other containers? Who opens the connection, to whom, and on what destination port?

3) "needs to access the external database on port 3306" but later "needs to be able to be reached from an external system on port 3306" - Does B access an external database or is it serving a database on 3306?

I'm confused on where traffic is coming in and where it is going out in this explanation.

In general, you should avoid thinking in terms of nodes and you should avoid thinking about pods talking to pods (or containers to containers). You have some number of Services, each of which is backed by some number of Pods. Client pods (usually) talk to Services. Services receive traffic on a port and send that traffic to the corresponding targetPort on Pods. Pods receive traffic on a containerPort.

None of that requires hostPorts or nodePorts. The last question is which of these Services need to be accessed from outside the cluster, and what is your environment capable of wrt load-balancing.

If you answer this far, then I can come back for round 2 :)

Upvotes: 3
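
The port / targetPort / containerPort flow described in the answer, written out for the question's Service A and Service C as an added example (not part of the original answer). The object names, labels, image and the nodePort value 30082 are assumptions; the other port numbers come from the question, and the NodePort Service is only one way to expose C, since the answer leaves the load-balancing question open.

```yaml
# Constructed example: names, labels, image and nodePort 30082 are assumptions.
apiVersion: v1
kind: ReplicationController
metadata:
  name: rc-a
spec:
  replicas: 1
  selector:
    app: a
  template:
    metadata:
      labels:
        app: a
    spec:
      containers:
        - name: a
          image: example.invalid/a:placeholder
          ports:
            - containerPort: 8080   # port the process listens on inside the Pod
---
apiVersion: v1
kind: Service
metadata:
  name: service-a
spec:
  type: ClusterIP            # cluster-internal only: no nodePort, no hostPort
  selector:
    app: a                   # matches Pod labels, not the controller object
  ports:
    - port: 9080             # port clients connect to on the Service
      targetPort: 8080       # port on the backing Pods (their containerPort)
---
apiVersion: v1
kind: Service
metadata:
  name: service-c
spec:
  type: NodePort             # opens the same port on every node for outside traffic
  selector:
    app: c                   # assumes Replication Controller C labels its Pods app: c
  ports:
    - port: 9082             # in-cluster clients (A and B) use service-c:9082
      targetPort: 8082
      nodePort: 30082        # assumed value inside the default 30000-32767 range
```

With this layout the external load balancer would forward its port 10082 to port 30082 on the nodes, and Service A has no listener outside the cluster at all.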
