kubectl-expose

Create a service for a resource, which will be served from container port to node port

$ kubectl expose [resource_type] [resource_name] --port [node_port] --target-port [container_port]

$ kubectl expose [[-f|--filename]] [path/to/file.yml] --port [node_port] --target-port [container_port]

$ kubectl expose [resource_type] [resource_name] --port [node_port] --name [service_name]

kubectl expose (deployment|pod|replicaset|rc|service|...) NAME
[--external-ip=EXTERNAL_IP] [--load-balancer-ip=LOAD_BALANCER_IP]
[--name=NAME] [--overrides=INLINE_JSON] [--port=PORT]
[--protocol=TCP|UDP|SCTP] [--scheme=http|https]
[--target-port=NUMBER|NAME] [--type=ClusterIP|NodePort|LoadBalancer|ExternalName]
[--dry-run=client|server|none] [--field-selector=SELECTOR]
(--filename=FILENAME | --kustomize=DIR)

deployment|pod|replicaset|rc|service NAME
    Resource type and name to expose (positional argument)

--cluster-ip=CLUSTER_IP
    IP address for the Service; empty auto-generates for ClusterIP

--dry-run=client|server|none
    Dry run without creating; client prints object, server simulates API call

--external-ip=EXTERNAL_IP
    External IP for the Service (not managed by Kubernetes)

--filename=-f, FILENAME
    File, directory, or URL to resource(s); supports JSON/YAML

--load-balancer-ip=LOAD_BALANCER_IP
    Desired LoadBalancer IP; valid only for LoadBalancer type

--name=NAME
    Name of the new Service (defaults to resource name + '-service')

--overrides=JSON_PATCH
    Inline JSON or strategic merge patch to modify Service spec

--port=PORT
    Port exposed by the Service (-1 auto-selects from target)

--protocol=TCP|UDP|SCTP
    Service protocol; defaults to TCP

--scheme=http|https
    Scheme for accessing the Service

--target-port=NUMBER|NAME
    Port on Pod container; can be number or containerPort name

--type=ClusterIP|NodePort|LoadBalancer|ExternalName
    Service type; defaults to ClusterIP

kubectl expose is a kubectl command that creates a Kubernetes Service to expose a Deployment, ReplicaSet, Pod, ReplicationController, or other supported resource. It automatically generates a Service selector matching the labels of the target resource's Pods, routing traffic to them.

This simplifies service discovery within the cluster. By default, it creates a ClusterIP Service, but options allow NodePort or LoadBalancer for external access. Specify --port for the Service port and --target-port for the Pod's container port.

Common use cases include quickly exposing web apps: kubectl expose deployment/myapp --type=LoadBalancer --port=80. The command supports overrides via JSON patch for custom configurations. It integrates with kubectl's dry-run for testing without creation.

Supports multiple resources via files (-f) or selectors. Deprecated resources like ReplicationControllers still work but recommend Deployments. Enhances declarative workflows when combined with YAML manifests.

Only exposes resources with Pod selectors; Services can't be exposed recursively. Use declarative YAML for production. Some older resource types (e.g., rc) deprecated. Requires cluster-admin or edit permissions on Services.

kubectl expose deployment/nginx --port=80 --type=LoadBalancer
kubectl expose pod/my-pod --name=my-svc --target-port=8080 --dry-run=client -o yaml
kubectl expose -f pod.yaml --overrides='{"spec":{"type":"NodePort"}}'

deployment, daemonset, job, pod, rc, replicaset, replicationcontroller, service

Introduced in Kubernetes v1.0 (2014) as part of core kubectl for imperative service creation. Evolved with Service types in v1.2+; LoadBalancer enhancements in cloud providers. Remains stable but docs encourage declarative manifests since v1.18+.

kubectl create(1), kubectl get services(1), kubectl port-forward(1), kubectl describe service(1)