Kubernetes NodePort: How to expose services externally
Learn how Kubernetes NodePort services work. Exposes your service on a port between 30000–32767 on every node, enabling external access without a cloud load balancer.
4 lessons · 11 min · Advanced
Written by
Marketing Team at Civo
Written by
Marketing Team at Civo
A NodePort Service exposes your application on a port between 30000 and 32767 on every node in the cluster. External traffic arriving at any node's IP address on that port is routed through to the correct pods via the Service's selector.
NodePort is the simplest way to expose a Kubernetes Service to traffic from outside the cluster without requiring a cloud load balancer.
When to use NodePort
NodePort is appropriate when:
- You are running on bare metal or on-premises infrastructure where no cloud load balancer is available
- You are in a development or testing environment and need quick external access
- You are building a custom ingress or load balancing solution on top of NodePort and want to manage the external routing yourself
- You need a predictable, stable port that an external system can connect to
For production workloads on cloud infrastructure, LoadBalancer is usually the better choice as it provisions an external IP automatically without requiring you to manage node IPs or firewall rules.
How NodePort traffic flows
When external traffic arrives at <NodeIP>:<NodePort>:
- The node receives the traffic on the NodePort
- The Service routes it to the ClusterIP
- The ClusterIP load-balances it across the healthy pods matching the Service's selector
- The selected pod receives the request
Every node in the cluster listens on the NodePort, so you can use any node's IP address to reach the Service. If one node is unavailable, the others still serve traffic on the same port.
Working example
Create a namespace and a deployment:
kubectl create namespace examplekubectl create deployment demo --image=nginx --port=3000 -n example
Create a NodePort Service:
apiVersion: v1kind: Servicemetadata:name: demo-nodeportnamespace: examplespec:type: NodePortselector:app: demoports:- port: 80targetPort: 3000nodePort: 31520
kubectl apply -f nodeport.yaml
Verify the Service was created:
kubectl get all -n example
Expected output:
NAME READY STATUS RESTARTS AGEpod/demo-6b7f9d8c5-abc12 1/1 Running 0 30sNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/demo-nodeport NodePort 10.96.145.23 <none> 80:31520/TCP 10s
The Service is now accessible at <NodeIP>:31520 from outside the cluster.
NodePort range and automatic assignment
NodePort values must be in the range 30000 to 32767. If you omit the nodePort field from the Service spec, Kubernetes assigns an available port automatically from within this range.
Manually specifying a port as in the example above is useful when you need a predictable, stable port for external load balancer configuration or when you want consistent port numbers across environments.
Comparison: NodePort vs LoadBalancer
Use NodePort when you need external access without a cloud load balancer. Use LoadBalancer when you want the cloud provider to provision an external IP automatically.

Marketing Team at Civo
Civo is the Sovereign Cloud and AI platform designed to help developers and enterprises build without limits. We bridge the gap between the openness of the public cloud and the rigorous security of private environments, delivering full cloud parity across every deployment. As a team, we are dedicated to providing scalable compute, lightning-fast Kubernetes, and managed services that are ready in minutes. Through CivoStack Enterprise and our FlexCore appliance, we empower organizations to maintain total data sovereignty on their own hardware.
Our mission is to make the cloud faster, simpler, and fairer. By providing enterprise-grade NVIDIA GPUs and streamlined model management, we ensure that high-performance AI and machine learning are accessible to everyone. Built for transparency and performance, the Civo Team is here to give you total control over your infrastructure, your data, and your spend.
Share this lesson