DEV Community

Cover image for Part-102: ๐Ÿš€ Configure a NodePort Service in Google Kubernetes Engine (GKE)
Latchu@DevOps
Latchu@DevOps

Posted on

Part-102: ๐Ÿš€ Configure a NodePort Service in Google Kubernetes Engine (GKE)

#kubernetes #googlecloud #devops #cloud

In this guide, weโ€™ll learn how to configure a Kubernetes NodePort Service in GKE, expose an application, and make it accessible from the internet.

๐Ÿ“ Step-01: Introduction

  • NodePort Service exposes Pods to the outside world using a port on each Kubernetes Node.
  • Port range: 30000โ€“32768
  • Access format: 
http://<NODE-EXTERNAL-IP>:<NODEPORT>
Enter fullscreen mode Exit fullscreen mode
  • By default, Google Cloud blocks external access to NodePorts, so weโ€™ll also need a Firewall Rule.

๐Ÿ“ Step-02: Create a Deployment (01-kubernetes-deployment.yaml) 

apiVersion: apps/v1
kind: Deployment 
metadata:
  name: myapp1-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: myapp1
  template:  
    metadata:
      name: myapp1-pod
      labels:
        app: myapp1
    spec:
      containers:
        - name: myapp1-container
          image: stacksimplify/kubenginx:1.0.0
          ports: 
            - containerPort: 80
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ Step-03: Create a NodePort Service (02-kubernetes-nodeport-service.yaml)

๐Ÿ‘‰ If you donโ€™t specify a nodePort, Kubernetes will assign one dynamically from 30000โ€“32768.

apiVersion: v1
kind: Service 
metadata:
  name: myapp1-nodeport-service
spec:
  type: NodePort
  selector:
    app: myapp1
  ports: 
    - name: http
      port: 80        # Service Port
      targetPort: 80  # Container Port
      nodePort: 30080 # Optional NodePort
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ Step-04: Deploy Kubernetes Manifests 

# Deploy
kubectl apply -f 01-kubernetes-deployment.yaml
kubectl apply -f 02-kubernetes-nodeport-service.yaml

# Verify
kubectl get deploy
kubectl get po
kubectl get svc
Enter fullscreen mode Exit fullscreen mode

n1

๐Ÿ“ Step-05: Access Application (Before Firewall Rule) 

kubectl get nodes -o wide
Enter fullscreen mode Exit fullscreen mode
  • Note down Node External IP.
  • Try accessing: 
http://<NODE-EXTERNAL-IP>:30080
Enter fullscreen mode Exit fullscreen mode
  • Observation: Access will fail (firewall blocks it).

๐Ÿ“ Step-06: Create Firewall Rule 

# Replace NODE_PORT with your chosen port (e.g., 30080)
gcloud compute firewall-rules create fw-rule-gke-node-port \
    --description="Allow inbound port 30080 for all instances in a network for NodePort Service" \
    --direction=INGRESS \
    --priority=1000 \
    --network=default \
    --action=ALLOW \
    --rules=tcp:30080 \
    --source-ranges=0.0.0.0/0    

# List firewall rules
gcloud compute firewall-rules list
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ Step-07: Access Application (After Firewall Rule) 

kubectl get nodes -o wide
Enter fullscreen mode Exit fullscreen mode
  • Copy the Node External IP.
  • Access your app: 
http://<NODE-EXTERNAL-IP>:30080
Enter fullscreen mode Exit fullscreen mode
  • Observation: This time it should work โœ…

n2

๐Ÿ“ Step-08: Clean-Up 

# Delete Kubernetes Resources
kubectl delete -f kube-manifests/

# Delete Firewall Rule
gcloud compute firewall-rules delete fw-rule-gke-node-port
Enter fullscreen mode Exit fullscreen mode

๐ŸŽฏ Key Takeaways

  • NodePort Service opens ports between 30000โ€“32768 on nodes.
  • Needs firewall rule in GCP to allow traffic.
  • Useful for testing/dev, but not recommended for production.
  • In production โ†’ Use LoadBalancer or Ingress instead.

๐ŸŒŸ Thanks for reading! If this post added value, a like โค๏ธ, follow, or share would encourage me to keep creating more content.

โ€” Latchu | Senior DevOps & Cloud Engineer

โ˜๏ธ AWS | GCP | โ˜ธ๏ธ Kubernetes | ๐Ÿ” Security | โšก Automation
๐Ÿ“Œ Sharing hands-on guides, best practices & real-world cloud solutions

Top comments (0)