DEV Community

Cover image for Part-102: πŸš€ Configure a NodePort Service in Google Kubernetes Engine (GKE)
Latchu@DevOps
Latchu@DevOps

Posted on

Part-102: πŸš€ Configure a NodePort Service in Google Kubernetes Engine (GKE)

In this guide, we’ll learn how to configure a Kubernetes NodePort Service in GKE, expose an application, and make it accessible from the internet.


πŸ“ Step-01: Introduction

  • NodePort Service exposes Pods to the outside world using a port on each Kubernetes Node.
  • Port range: 30000–32768
  • Access format:
http://<NODE-EXTERNAL-IP>:<NODEPORT>
Enter fullscreen mode Exit fullscreen mode
  • By default, Google Cloud blocks external access to NodePorts, so we’ll also need a Firewall Rule.

πŸ“ Step-02: Create a Deployment (01-kubernetes-deployment.yaml)

apiVersion: apps/v1
kind: Deployment 
metadata:
  name: myapp1-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: myapp1
  template:  
    metadata:
      name: myapp1-pod
      labels:
        app: myapp1
    spec:
      containers:
        - name: myapp1-container
          image: stacksimplify/kubenginx:1.0.0
          ports: 
            - containerPort: 80
Enter fullscreen mode Exit fullscreen mode

πŸ“ Step-03: Create a NodePort Service (02-kubernetes-nodeport-service.yaml)

πŸ‘‰ If you don’t specify a nodePort, Kubernetes will assign one dynamically from 30000–32768.

apiVersion: v1
kind: Service 
metadata:
  name: myapp1-nodeport-service
spec:
  type: NodePort
  selector:
    app: myapp1
  ports: 
    - name: http
      port: 80        # Service Port
      targetPort: 80  # Container Port
      nodePort: 30080 # Optional NodePort
Enter fullscreen mode Exit fullscreen mode

πŸ“ Step-04: Deploy Kubernetes Manifests

# Deploy
kubectl apply -f 01-kubernetes-deployment.yaml
kubectl apply -f 02-kubernetes-nodeport-service.yaml

# Verify
kubectl get deploy
kubectl get po
kubectl get svc
Enter fullscreen mode Exit fullscreen mode

n1


πŸ“ Step-05: Access Application (Before Firewall Rule)

kubectl get nodes -o wide
Enter fullscreen mode Exit fullscreen mode
  • Note down Node External IP.
  • Try accessing:
http://<NODE-EXTERNAL-IP>:30080
Enter fullscreen mode Exit fullscreen mode
  • Observation: Access will fail (firewall blocks it).

πŸ“ Step-06: Create Firewall Rule

# Replace NODE_PORT with your chosen port (e.g., 30080)
gcloud compute firewall-rules create fw-rule-gke-node-port \
    --description="Allow inbound port 30080 for all instances in a network for NodePort Service" \
    --direction=INGRESS \
    --priority=1000 \
    --network=default \
    --action=ALLOW \
    --rules=tcp:30080 \
    --source-ranges=0.0.0.0/0    

# List firewall rules
gcloud compute firewall-rules list
Enter fullscreen mode Exit fullscreen mode

πŸ“ Step-07: Access Application (After Firewall Rule)

kubectl get nodes -o wide
Enter fullscreen mode Exit fullscreen mode
  • Copy the Node External IP.
  • Access your app:
http://<NODE-EXTERNAL-IP>:30080
Enter fullscreen mode Exit fullscreen mode
  • Observation: This time it should work βœ…

n2


πŸ“ Step-08: Clean-Up

# Delete Kubernetes Resources
kubectl delete -f kube-manifests/

# Delete Firewall Rule
gcloud compute firewall-rules delete fw-rule-gke-node-port
Enter fullscreen mode Exit fullscreen mode

🎯 Key Takeaways

  • NodePort Service opens ports between 30000–32768 on nodes.
  • Needs firewall rule in GCP to allow traffic.
  • Useful for testing/dev, but not recommended for production.
  • In production β†’ Use LoadBalancer or Ingress instead.

🌟 Thanks for reading! If this post added value, a like ❀️, follow, or share would encourage me to keep creating more content.


β€” Latchu | Senior DevOps & Cloud Engineer

☁️ AWS | GCP | ☸️ Kubernetes | πŸ” Security | ⚑ Automation
πŸ“Œ Sharing hands-on guides, best practices & real-world cloud solutions

Top comments (0)