Ports exposed even though it is not defined in kubelet manifest.yaml file-CodePudding

There are two kubelet nodes and each kubelet node contains several containers including server with wildfly. Even though I do not define containerPort <> hostPort, the management console can be reached with port 9990 from outside. I do not have any clue, why?

- name: server
  image: registry/server:develop-latest
  ports:
    - name: server-https
      containerPort: 8443
      hostPort: 8443

In docker container inspect <container-id> I see:

"ExposedPorts": {
    "9990/tcp": {},
     ...

So,

Why container port 9990 is exposed? and
Why containerPort 9990 is mapped to hostPort and I can reach the port 9990 from outside?

CodePudding user response：

You can expose the port in two places, when you run the container, and when you build the image. Typically you only do the latter since exposing the port is documentation of what ports are likely listening for connections inside the container (it doesn't have any affect on networking).

To see if the port was exposed at build time, you can run:

docker image inspect registry/server:develop-latest

And if that port wasn't exposed in your build, then it was likely exposed in your base image.

CodePudding user response：

...I can reach the port 9990 from outside?

Presumed "outside" here means the host network; then hostNetwork: true in your pod spec would allow that in this case.

Otherwise, please post the complete spec and describe the url/endpoint you used to "reach the port 9990" in your question.