I am trying to expose a UDP service (tftp) through a k3s nodePort but can't seem to connect. The TCP service work fine, but the UDP service doesn't seem to be exposed.
The deployment lists the ports:
...
ports:
- containerPort: 3000
- containerPort: 69
protocol: UDP
and here is the service definition:
apiVersion: v1
kind: Service
metadata:
name: netboot-nodeports
spec:
selector:
app: netboot
type: NodePort
ports:
- name: tftp
port: 69
targetPort: 69
nodePort: 32069
protocol: UDP
- name: webui
port: 3000
targetPort: 3000
nodePort: 32070
Connecting to the TCP port from the node or another machine on the network (ie, curl http://192.168.1.154:32070) works as expected. I can connect to the tftp UDP service from inside the container (ie, kubectl exec -it netboot-64565b9c69-bmvs4n -- tftp localhost 69), but connecting from the node or another machine on the network (ie, tftp 192.168.1.154 32069) fails with a timeout error.
This is all running in k3s on nixOS on a single node. There is no firewall running (configuration.nix: networking.firewall.enable = false;). I dodn't see any relevant errors in the k3s logs. The nix k3s config is really minimal:
services.k3s.enable = true;
services.k3s.role = "server";
services.k3s.extraFlags = toString [];
