Do I need to use containerPort for this deployment? Not clear what its for

General Discussions
1

Hi I’m trying to create a simple rest api service using flask in python. So basically what I did was create a flask app (basic hello world) and created a docker container to expose it using gunicorn like this

FROM python:3.7

RUN mkdir /app
WORKDIR /app
ADD . /app/
RUN pip install flask
RUN pip install gunicorn

CMD ["gunicorn", "-w", "1", "-b", ":8080", "-t", "360", "wsgi:app"]

I tested it using docker run like this

docker run -p 5001:8080 hello-python

and I can access the app using

localhost:5001

After I wanted to create a deployment for this container in kubernetes (running on docker) so I have this manifest file

apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello-python 
spec:
  replicas: 2
  
  selector:
    matchLabels:
      app: hello-python
  template:
    metadata:
      labels:
        app: hello-python
    spec:
      containers:
      - name: hello-python
        image: hello-python:latest
        imagePullPolicy: Never
        ports:
        - containerPort: ???

I think I understand everything in the file, except for containerPort. So My questions are as follows

1 - First of all when using flask, it says that not to use the bundled web server for production and to instead use something like gunicorn + nginx - does this still apply when running the app within a container? Do I still need to wire up gunicorn to expose the flask app?

2 - Assuming I keep my app as is with gunicorn - I set it to use the port 8080. When I ran the app in docker I had to direct the traffic from external port 5001 to internal port 8080. Is this what containerPort field is doing as well? or is it for something else? My confusion results from reading this article https://medium.com/faun/should-i-configure-the-ports-in-kubernetes-deployment-c6b3817e495 which indicates that the containerPort is purely informative and we don’t actually have to specify it.

The end goal is to expose the service to the network outside the cluster (i.e. just my local machine network for now)

2

  1. Yes you do, you use the same docker image you build with gunicorn

  2. containerPort refers to the port where the app is exposed inside the container [8080] in this instance. If you expose the deployment with a service you refer to the external port you need to use as port 5001 and internal container port as targetPort 8080 in your instance. See below code example:

    spec
    type: NodePort
    ports:
    - port: 5001
    targetPort: 8080
    protocol: TCP

3

Ok thank you,

1 - Regarding first part and gunicorn, what if I just scrap gunicorn and containerized the flask app without a wsgi server - so it runs with the development server instead like this

app.run(host='0.0.0.0', port=8080)

2 - What if I don’t want to hard code the port in the dockerfile (or flask app), but instead only specify it in the kubernetes manifest? Is that possible?

4

  1. Yes you can, though Flask’s built-in server is not suitable for production as it doesn’t scale well and by default serves only one request at a time. The built-in Flask web server is provided for development convenience.

  2. If the port is already exposed by the app.run command inside the image yes it will listen on that port when the container is up. Try it