kubectl-expose

Create a service for a resource, which will be served from container port to node port

$ kubectl expose [resource_type] [resource_name] --port=[node_port] --target-port=[container_port]

$ kubectl expose [[-f|--filename]] [path/to/file.yml] --port=[node_port] --target-port=[container_port]

$ kubectl expose [resource_type] [resource_name] --port=[node_port] --name=[service_name]

kubectl expose (TYPE NAME | -f FILENAME) [--port=port] [--target-port=port] [--protocol=protocol] [--type=type] [--name=name] [--selector=key=value] [--external-ip=ip] [options]

-f, --filename=FILENAME
    File or URL containing the resource to expose.

--name=NAME
    The name of the service to create. If omitted, defaults to the name of the exposed resource.

--port=PORT
    The port that the Service should serve on. Required.

--target-port=PORT
    The port that the exposed container is listening on. If omitted, defaults to the value of --port.

--protocol=PROTOCOL
    The protocol for the Service port (TCP, UDP, or SCTP). Defaults to TCP.

--type=TYPE
    The type of Service to create (ClusterIP, NodePort, LoadBalancer, ExternalName). Defaults to ClusterIP.

--selector=KEY=VALUE
    A selector (label query) to filter pods for the service. If omitted, the selector is inferred from the exposed resource.

--external-ip=IP
    The external IP address for the service (for ClusterIP or NodePort types).

--cluster-ip=IP
    Assign a specific ClusterIP to the Service (for ClusterIP type).

--dry-run=STR
    If client or server, only print the object that would be sent, without sending it. If none, the command will be executed. Defaults to none.

--labels=KEY=VALUE,...
    Labels to apply to the service.

kubectl expose is a fundamental command used to create a new Kubernetes Service object, making a specified resource (like a Deployment, Pod, ReplicaSet, or ReplicationController) accessible on the network. It automatically selects the pods backing the exposed resource and exposes them via a Service, which provides a stable IP address and DNS name.

Users can specify the Service type (e.g., ClusterIP for internal cluster access, NodePort for exposing on cluster nodes, LoadBalancer for external load balancing, or ExternalName for abstracting external services). This command simplifies the process of creating a Service without directly writing complex YAML manifests, streamlining connectivity for applications within or outside the cluster.

While convenient, kubectl expose is a simplification. For complex Service configurations (e.g., multiple ports, advanced selectors, specific IP ranges), writing a Service YAML manifest directly and using kubectl apply -f is often preferred.

Exposing a Pod directly creates a Service tied to that specific Pod's lifecycle. If the Pod is recreated (e.g., by a controller like a Deployment), the Service might need to be re-exposed or manually updated to target the new Pods. It's generally safer and more common to expose higher-level controllers like Deployments or ReplicaSets, as the Service will then dynamically target their managed Pods.

• Expose a Deployment as a ClusterIP Service on port 80:
  kubectl expose deployment my-app --port=80
  This creates a Service named 'my-app' that targets pods of the 'my-app' deployment on port 80, accessible only within the cluster.
• Expose a Deployment as a NodePort Service:
  kubectl expose deployment my-app --port=80 --type=NodePort
  This makes the Service accessible on a specific port on all cluster nodes, in addition to its ClusterIP.
• Expose a Pod with a specific target port and a custom Service name:
  kubectl expose pod my-pod --port=80 --target-port=8080 --name=my-pod-service
  This creates a Service named 'my-pod-service' that listens on port 80 and forwards traffic to port 8080 on the 'my-pod' container.

kubectl create service(1), kubectl get service(1), kubectl describe service(1), kubectl apply(1), kubectl delete service(1)