Escape k8s nodePort range

1 year ago

#176200

julius

I am forced to use the usual nodePort range 30000-32000 on managed kubernetes.

However, I need a specific port being exposed from every node outside of that range. Let's say that is port 5000. So, I've fixed nodePort=30033 on my service and I am now trying an old-school iptables redirect on my nodes to get port 5000 "redirected" to 30033:

iptables -t nat -I PREROUTING -p tcp --dport 5000 -j REDIRECT --to-port 30033

This doesn't work. I am suspecting traffic gets hijacked by kube-proxy rules before my rule is even applied.

Any ideas how to make this work with k8s-created iptables rules?

kubernetes

iptables

service-node-port-range

0 Answers

Your Answer

Posts

Questions

Blogs

Jobs