In Go, that looks like this:
The above code will bind to all TCP interfaces. Since Kubernetes does support dual-stack IPv4 & IPv6 our services should bind to all interfaces (we do not currently have IPv6 services).
If you must specify an ip address to expose your service on, choosing
0.0.0.0:port is typically a good choice. What this does can be OS and platform-specific.
127.0.0.1:port is binding to a local-only interface that constrained to the same “host”. In Kubernetes, other containers within the Pod may still communicate with this service AND you may port-forward this container and associated service
This may be preferred in a sidecar pattern where you do not want a container accessible outside a Pod or when you don’t want expose your laptop to the cofeeshop wifi but generally, code should not be merged that binds to
How can I port-forward a local only service?
Due to the way that kube-proxy works when you port-forward a pod or a service kube-proxy opens a tunnel to that pod (or a pod that backs that service). This can make debugging why a service is accessible in the pod but not outside of the pod hard to understand.
You can also use
kubectl port-forward --address 0.0.0.0 if you need to expose a port-forwarded service outside of your local machine (it defaults to
127.0.0.1). link :exploding_head:
We also have CI test for this here