kubernetes: Services with same port, different protocol display wrongly in kubectl and have wrong merge key

User reported:

I am running a service with both TCP and UDP:

spec:
  type: NodePort
  ports:
    - protocol: UDP
      port: 30420
      nodePort: 30420
    - protocol: TCP
      port: 30420
      nodePort: 30420

but kubectl describe service shows only UDP.

Type:			NodePort
IP:			10.0.13.152
Port:			<unset>	30420/UDP
NodePort:		<unset>	30420/UDP
Endpoints:		10.244.4.49:30420

When I change the order then it shows only TCP.

This looks like using the wrong mergeKey, and indeed the code backs that up:

2508 type ServiceSpec struct { 2509 // The list of ports that are exposed by this service. 2510 // More info: http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies 2511 Ports []ServicePort json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"port" protobuf:"bytes,1,rep,name=ports"

The key should probably be “name”, though that can be empty if there is a single port only - is that a problem? @ymqytw ?

About this issue

Original URL
State: closed
Created 8 years ago
Reactions: 29
Comments: 74 (48 by maintainers)

Commits related to this issue

ccm/do: relax UDP port duplication validation This was originally added in #409 due to an upstream bug (https://github.com/kubernetes/kubernetes/issues/39188). It turns out, however, that we and many... — committed to digitalocean/digitalocean-cloud-controller-manager by anitgandhi 2 years ago
ccm/do: relax UDP port duplication validation This was originally added in #409 due to an upstream bug (https://github.com/kubernetes/kubernetes/issues/39188). It turns out, however, that we and many... — committed to digitalocean/digitalocean-cloud-controller-manager by anitgandhi 2 years ago

Most upvoted comments

This bug is older than my daughter, it will soon go to school. Why no one is going to fix it?

+31

rearden-steel on May 24, 2020

Don’t fix it. Fail service creation if you try to use the same port number with two protocols.

No. Not option (3) please. There are use cases for this - like DNS and supporting both H2-over-TLS and H3-over-QUIC and so on.

su225 on Jul 8, 2021

I think containerPorts in Deployments have the same problem. I can’t seem to specify the same port for two different protocols.

praseodym on Apr 28, 2018

i just fall in the same issue. I was trying to understand why my DNS queries goes to port 53 instead of 5353 and only in TCP. The service was doing only TCP 53->53. Editing TCP port on the service edited the UDP port (if not the same than UDP port), very weird. kubectl replace worked fine, but kubectl edit not. Be warned.

nerzhul on Sep 5, 2023

@brianpursley You forgot 4. Use server-side apply and the new listMapKey that allow for multiple merge keys.

apelisse on Oct 23, 2020