I am confused by port name in manifest, for example, I see a manifest containing the following section:
ports:
- name: web
nodePort: 32003
port: 80
protocol: TCP
targetPort: web
- name: websecure
nodePort: 30554
port: 443
protocol: TCP
targetPort: websecure
What port number does the targetPort: web refers to exactly for the web name port? Same question for the targetPort: websecure. Could someone please elaborate for me?
The Pod specification can include ports: and these also can include a name:. So in this case the Service's ports: [{ name: }] needs to match the Pod's ports: [{ name: }].
# in the Pod spec, often in a Deployment object
ports:
- containerPort: 8080
name: web
This setup insulates you a little bit from knowing what the actual port is. Different frameworks use different ports by default (3000, 4000, 5000, 8000, 8080 all show up in various places) and just using a name here makes it easier to be consistent.
If you use a numeric Service port number, there's no particular requirement that the Pod declares the port, though the process inside the container still must be listening on that port.
The Service's port and the Pod's port don't need to agree and I often find it convenient to set Services to listen on the default port for their protocol – TCP port 80 for unencrypted HTTP – to avoid having to manually state a port number in connections between components.
(If you are using the Istio service mesh in particular, it wants the Service port names to match standard protocol names, so I might use http and https in this example. But the specific names don't really matter beyond this.)
