服务是一种抽象，用于将流量重定向到底层pod。 因此:

端口:80——>标识服务正在侦听的端口 targetPort: 8080——>标识部署底层pod的目标端口

对my_service:80的调用将把流量重定向到8080上的底层pod(根据给定的示例)。

如果容器监听端口9376，那么 发送:9376

如果服务在端口80上侦听，则 端口:80

然后服务端口配置如下所示

ports:
 - protocol: TCP
   port: 80
   targetPort: 9376

最后，请求接收到服务的端口，并在pod的targetPort上转发。

我认为形象是最好的描述。

NodePort =将kubernetes服务对外公开到internet Port =将在集群中公开kubernetes服务，这样多个不同pod之间的通信就可以发生，并将请求重定向到TargetPort(因为不可能在同一个端口上运行多个pod, K8S引入了Port来处理可重用性) TargetPort =容器正在运行的实际端口

作为在docker-compose中指定的参考

ports:
  - 8080:80

从上面你可以比较8080是主机端口代表端口，80是目标端口

服务:这将流量引导到一个豆荚。

TargetPort:这是您的应用程序在容器中运行的实际端口。

端口:有时容器中的应用程序在不同的端口上提供不同的服务。

示例:实际应用程序可以运行8080，该应用程序的健康检查可以在容器的8089端口上运行。 因此，如果你点击没有端口的服务，它不知道应该将请求重定向到容器的哪个端口。服务需要有一个映射，这样它才能到达容器的特定端口。

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
    - name: http
      nodePort: 30475
      port: 8089
      protocol: TCP
      targetPort: 8080
    - name: metrics
      nodePort: 31261
      port: 5555
      protocol: TCP
      targetPort: 5555
    - name: health
      nodePort: 30013
      port: 8443
      protocol: TCP
      targetPort: 8085 

if you hit the my-service:8089 the traffic is routed to 8080 of the container(targetPort). Similarly, if you hit my-service:8443 then it is redirected to 8085 of the container(targetPort). But this myservice:8089 is internal to the kubernetes cluster and can be used when one application wants to communicate with another application. So to hit the service from outside the cluster someone needs to expose the port on the host machine on which kubernetes is running so that the traffic is redirected to a port of the container. This is node port(port exposed on the host machine). From the above example, you can hit the service from outside the cluster(Postman or any rest-client) by host_ip:nodePort

假设您的主机ip为10.10.20.20，您可以通过10.10.20.20:30475、10.10.20.20:31261、10.10.20.20:30013访问http、metrics、运行状况服务。

编辑:根据Raedwald的评论编辑。

@Manikanta P上面给出的答案是正确的。然而，“Port”的解释初读时可能有点不清楚。我将用一个例子来解释:

考虑一个web应用程序，它的静态内容(首页，图像等)由httpd托管，而动态内容(例如。响应请求等)由tomcat托管。Webserver(或静态内容)由httpd在80端口提供，而Appserver(或动态内容)由tomcat在8080端口提供。

开发者想要的:用户应该能够从外部访问web服务器，但不能从外部访问应用服务器。

解决方案:服务中的web服务器的服务类型。yml将是NodePort，而Appserver的service-type在其服务中。yml将是ClusterIP。

webserver的service.yml代码:

spec:
  selector:
    app: Webserver
  type: NodePort        // written to make this service accessible from outside.
  ports:
    - nodePort: 30475   // To access from outside, type <host_IP>:30475 in browser.
      port: 5050        // (ignore for now, I will explain below).
      protocol: TCP
      targetPort: 80  // port where httpd runs inside the webserver pod.

Appserver的service.yml代码

spec:
  selector:
    app: appserver
  type: ClusterIP        // written to make this service NOT accessible from outside.
  ports:
    - port: 5050         // port to access this container internally
      protocol: TCP
      targetPort: 8080   // port where tomcat runs inside the appserver pod.

还要注意，在Webserver的httpd.conf文件中，我们将写入将用户请求重定向到应用服务器的IP。这个IP将是:host_IP:5050。

What exactly is happening here? A user writes hostIP:30475 and sees the Webserver's page. This is because it is being served by httpd at port 80 (targetport). When a user clicks a button, a request is made. This request is redirected to the Appserver because in httpd.conf file, the port 5050 is mentioned and this is the port where Appserver's container and Webserver's conatainer communicate internally. When the appserver receives the request, it is able to serve the request because of tomcat running inside it at port 8080.