Do I need to use containerPort for this deployment? Not clear what its for

Hi I’m trying to create a simple rest api service using flask in python. So basically what I did was create a flask app (basic hello world) and created a docker container to expose it using gunicorn like this

FROM python:3.7

RUN mkdir /app
ADD . /app/
RUN pip install flask
RUN pip install gunicorn

CMD ["gunicorn", "-w", "1", "-b", ":8080", "-t", "360", "wsgi:app"]

I tested it using docker run like this

docker run -p 5001:8080 hello-python

and I can access the app using


After I wanted to create a deployment for this container in kubernetes (running on docker) so I have this manifest file

apiVersion: apps/v1
kind: Deployment
  name: hello-python 
  replicas: 2
      app: hello-python
        app: hello-python
      - name: hello-python
        image: hello-python:latest
        imagePullPolicy: Never
        - containerPort: ???

I think I understand everything in the file, except for containerPort. So My questions are as follows

1 - First of all when using flask, it says that not to use the bundled web server for production and to instead use something like gunicorn + nginx - does this still apply when running the app within a container? Do I still need to wire up gunicorn to expose the flask app?

2 - Assuming I keep my app as is with gunicorn - I set it to use the port 8080. When I ran the app in docker I had to direct the traffic from external port 5001 to internal port 8080. Is this what containerPort field is doing as well? or is it for something else? My confusion results from reading this article which indicates that the containerPort is purely informative and we don’t actually have to specify it.

The end goal is to expose the service to the network outside the cluster (i.e. just my local machine network for now)

  1. Yes you do, you use the same docker image you build with gunicorn

  2. containerPort refers to the port where the app is exposed inside the container [8080] in this instance. If you expose the deployment with a service you refer to the external port you need to use as port 5001 and internal container port as targetPort 8080 in your instance. See below code example:

    type: NodePort
    - port: 5001
    targetPort: 8080
    protocol: TCP

Ok thank you,

1 - Regarding first part and gunicorn, what if I just scrap gunicorn and containerized the flask app without a wsgi server - so it runs with the development server instead like this'', port=8080)

2 - What if I don’t want to hard code the port in the dockerfile (or flask app), but instead only specify it in the kubernetes manifest? Is that possible?

  1. Yes you can, though Flask’s built-in server is not suitable for production as it doesn’t scale well and by default serves only one request at a time. The built-in Flask web server is provided for development convenience.

  2. If the port is already exposed by the command inside the image yes it will listen on that port when the container is up. Try it