How to expose low-numbered ports in the kubernetes mini-cluster that comes with Docker Desktop

Question

I'm using the kubernetes cluster built in to Docker Desktop to develop my application.

I would like to expose services inside the cluster as ports on localhost.

I can do so using kubectl expose deployment foobar --type=NodePort --port=30088, which creates a service like this:

apiVersion: v1
kind: Service
metadata:
  labels:
    role: web
  name: foobar
spec:
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 30088
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    role: web
  type: NodePort

But it only works for very high numbered ports. If I try something lower I get:

The Service "kafka-external" is invalid: spec.ports[0].nodePort: Invalid value: 9092: provided port is not in the valid range. The range of valid ports is 30000-32767

It seems there is a kubernetes apiserver setting called ServiceNodePortRange which would allow me to override this restriction, but I can't figure out how to set it on Docker's builtin cluster.

So my question is: how do I expose a specific, low-numbered port (like 9092) on Docker's kubernetes cluster? Is there a way to override that setting? Or a better way to expose the service than NodePort?

Answer 1

NodePort is intended to be a building block for load-balancers or other
ingress modes. This means it didn't matter which port you got as long as
you got one. This makes it a little clunky to use directly - you can't
have just any port. You can change the port range, but you run the risk of
conflicts with real things running on your nodes and with any pod HostPorts.

The default range is indeed 30000-32767 but it can be changed by setting the --service-node-port-range Update the file /etc/kubernetes/manifests/kube-apiserver.yaml and add the line --service-node-port-range=xxxxx-yyyyy.

In the Kubernetes cluster there is a kube-apiserver.yaml file which is in the directory - /etc/kubernetes/manifests/kube-apiserver.yaml but not on the kube-apiserver container/pod but on the master itself.

1. Login to Docker VM:

2. Add the following line to the pod spec:

   spec:
     containers:
     - command:
       - kube-apiserver
       ...
       - --service-node-port-range=xxxxx-yyyyy  # <-- add this line
       ...
   
   

Save and exit. Pod kube-apiserver will be restarted with new parameters.

3. Exit Docker VM (for screen: Ctrl-a,k , for container: Ctrl-d )

4. Check the results:

$ kubectl get pod kube-apiserver-docker-desktop -o yaml -n kube-system | less

Take a look: service-pod-range, changing pod range, changing-nodeport-range.