refs

[phymo]

Kubernetes 的端口是怎么转发的

ContainerPort is used to decide which of the container's ports should be used by the service in case a container has multiple ports. So the container port is actually the port on the "target" part, and not of the service itself

Every container in a Pod shares the network namespace, including the IP address and network ports. Inside a Pod (and only then), the containers that belong to the Pod can communicate with one another using localhost.

Kubernetes假定Pod可以与其他Pod进行通信，无论它们降落在哪个主机上。 Kubernetes为每个Pod提供自己的群集专用IP地址，因此您无需在Pod之间显式创建链接或将容器端口映射到主机端口。 这意味着Pod中的容器可以全部访问彼此在localhost上的端口，并且群集中的所有Pod都可以在没有NAT的情况下互相看到。 本文档的其余部分详细介绍了如何在这种网络模型上运行可靠的服务。

containerPort 和 export port 应该都是只是说明作用

service 暴露端口 80, target port 默认 80 到nginx, nginx 通过 pod 的localhost proxy 到 8888

[phymo]

CMD vs ENTRYPOINT in Dockerfile vs in Kubenetes YAML

Description	Docker field name	Kubernetes field name
The command run by the container	Entrypoint	command
The arguments passed to the command	Cmd	args

When you override the default Entrypoint and Cmd, these rules apply:

• If you do not supply command or args for a Container, the defaults defined in the Docker image are used.

• If you supply a command but no args for a Container, only the supplied command is used. The default EntryPoint and the default Cmd defined in the Docker image are ignored.

• If you supply only args for a Container, the default Entrypoint defined in the Docker image is run with the args that you supplied.

• If you supply a command and args, the default Entrypoint and the default Cmd defined in the Docker image are ignored. Your command is run with your args.

> https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/