Kong with Multiple ports enable for our kubernetes knative API Services

Hi Team ,

We have already have a Kong Deployed in our AKS Cluster , we need the kong to expose in 8081 port also along with the default ports its running .

Please find the attached Deployment manifest file and the services which we are using ,

NOTE: We are using a private azure network for landing the AKS cluster and to deploy the kong deployment .

apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
meta.helm.sh/release-name: dev-kong
meta.helm.sh/release-namespace: kong-java-dev
creationTimestamp: “2025-03-18T13:26:40Z”
generation: 5
labels:
helm.sh/chart: kong-2.17.0-rc.4
name: dev-kong-kong
namespace: kong-java-dev
resourceVersion: “790871396”
uid: 4387c3f6-bb66-4b89-94ed-4bdbd3de975e
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
creationTimestamp: null
labels:
app: dev-kong-kong
helm.sh/chart: kong-2.17.0-rc.4
version: “3.1”
spec:
automountServiceAccountToken: false
containers:

• env:
• name: POD_NAME
  valueFrom:
  fieldRef:
  apiVersion: v1
  fieldPath: metadata.name
• name: POD_NAMESPACE
  valueFrom:
  fieldRef:
  apiVersion: v1
  fieldPath: metadata.namespace
• name: CONTROLLER_ADMISSION_WEBHOOK_LISTEN
  value: 0.0.0.0:8080
• name: CONTROLLER_ELECTION_ID
  value: kong-ingress-controller-leader-zip-java-dev
• name: CONTROLLER_INGRESS_CLASS
  value: zip-java-dev
• name: CONTROLLER_KONG_ADMIN_TLS_SKIP_VERIFY
  value: “true”
• name: CONTROLLER_KONG_ADMIN_URL
  value: https://localhost:8444
• name: CONTROLLER_PUBLISH_SERVICE
  value: kong-java-dev/dev-kong-kong-proxy
• name: KONG_HEADERS
  value: “off”
  image: kong/kubernetes-ingress-controller:2.8
  imagePullPolicy: IfNotPresent
  livenessProbe:
  failureThreshold: 3
  httpGet:
  path: /healthz
  port: 10254
  scheme: HTTP
  initialDelaySeconds: 5
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
  name: ingress-controller
  ports:
• containerPort: 8080
  name: webhook
  protocol: TCP
• containerPort: 10255
  name: cmetrics
  protocol: TCP
  readinessProbe:
  failureThreshold: 3
  httpGet:
  path: /readyz
  port: 10254
  scheme: HTTP
  initialDelaySeconds: 5
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
  resources: {}
  securityContext: {}
  terminationMessagePath: /dev/termination-log
  terminationMessagePolicy: File
  volumeMounts:
• mountPath: /admission-webhook
  name: webhook-cert
  readOnly: true
• mountPath: /var/run/secrets/kubernetes.io/serviceaccount
  name: dev-kong-kong-token
  readOnly: true
• env:
• name: KONG_ADMIN_ACCESS_LOG
  value: /dev/stdout
• name: KONG_ADMIN_ERROR_LOG
  value: /dev/stderr
• name: KONG_ADMIN_GUI_ACCESS_LOG
  value: /dev/stdout
• name: KONG_ADMIN_GUI_ERROR_LOG
  value: /dev/stderr
• name: KONG_ADMIN_LISTEN
  value: 127.0.0.1:8444 ssl
• name: KONG_CLUSTER_LISTEN
  value: “off”
• name: KONG_DATABASE
  value: “off”
• name: KONG_KIC
  value: “on”
• name: KONG_LOG_LEVEL
  value: debug
• name: KONG_LUA_PACKAGE_PATH
  value: /opt/?.lua;/opt/?/init.lua;;
• name: KONG_NGINX_WORKER_PROCESSES
  value: “2”
• name: KONG_PLUGINS
  value: bundled,oidc
• name: KONG_PORTAL_API_ACCESS_LOG
  value: /dev/stdout
• name: KONG_PORTAL_API_ERROR_LOG
  value: /dev/stderr
• name: KONG_PORT_MAPS
  value: 80:8000, 443:8443
• name: KONG_PREFIX
  value: /kong_prefix/
• name: KONG_PROXY_ACCESS_LOG
  value: /dev/stdout
• name: KONG_PROXY_ERROR_LOG
  value: /dev/stderr
• name: KONG_PROXY_LISTEN
  value: 0.0.0.0:8000, 0.0.0.0:8443 http2 ssl
• name: KONG_PROXY_STREAM_ACCESS_LOG
  value: /dev/stdout basic
• name: KONG_PROXY_STREAM_ERROR_LOG
  value: /dev/stderr
• name: KONG_ROUTER_FLAVOR
  value: traditional
• name: KONG_STATUS_ACCESS_LOG
  value: “off”
• name: KONG_STATUS_ERROR_LOG
  value: /dev/stderr
• name: KONG_STATUS_LISTEN
  value: 0.0.0.0:8100
• name: KONG_STREAM_LISTEN
  value: “off”
• name: KONG_NGINX_DAEMON
  value: “off”
• name: KONG_HEADERS
  value: “off”
  image: niowzipacr.azurecr.io/kong-nio:work-in-progress-mvp-2 **********************
  imagePullPolicy: IfNotPresent
  lifecycle:
  preStop:
  exec:
  command:
• kong
• quit
• –wait=15
  livenessProbe:
  failureThreshold: 3
  httpGet:
  path: /status
  port: status
  scheme: HTTP
  initialDelaySeconds: 5
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
  name: proxy
  ports:
• containerPort: 8000
  name: proxy
  protocol: TCP
• containerPort: 8443
  name: proxy-tls
  protocol: TCP
• containerPort: 8100
  name: status
  protocol: TCP
  readinessProbe:
  failureThreshold: 3
  httpGet:
  path: /status
  port: status
  scheme: HTTP
  initialDelaySeconds: 5
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
  resources: {}
  securityContext: {}
  terminationMessagePath: /dev/termination-log
  terminationMessagePolicy: File
  volumeMounts:
• mountPath: /kong_prefix/
  name: dev-kong-kong-prefix-dir
• mountPath: /tmp
  name: dev-kong-kong-tmp
  dnsPolicy: ClusterFirst
  imagePullSecrets:
• name: ***********
  initContainers:
• command:
• rm
• -vrf
• $KONG_PREFIX/pids
  env:
• name: KONG_ADMIN_ACCESS_LOG
  value: /dev/stdout
• name: KONG_ADMIN_ERROR_LOG
  value: /dev/stderr
• name: KONG_ADMIN_GUI_ACCESS_LOG
  value: /dev/stdout
• name: KONG_ADMIN_GUI_ERROR_LOG
  value: /dev/stderr
• name: KONG_ADMIN_LISTEN
  value: 127.0.0.1:8444 ssl
• name: KONG_CLUSTER_LISTEN
  value: “off”
• name: KONG_DATABASE
  value: “off”
• name: KONG_KIC
  value: “on”
• name: KONG_LOG_LEVEL
  value: debug
• name: KONG_LUA_PACKAGE_PATH
  value: /opt/?.lua;/opt/?/init.lua;;
• name: KONG_NGINX_WORKER_PROCESSES
  value: “2”
• name: KONG_PLUGINS
  value: bundled,oidc
• name: KONG_PORTAL_API_ACCESS_LOG
  value: /dev/stdout
• name: KONG_PORTAL_API_ERROR_LOG
  value: /dev/stderr
• name: KONG_PORT_MAPS
  value: 80:8000, 443:8443
• name: KONG_PREFIX
  value: /kong_prefix/
• name: KONG_PROXY_ACCESS_LOG
  value: /dev/stdout
• name: KONG_PROXY_ERROR_LOG
  value: /dev/stderr
• name: KONG_PROXY_LISTEN
  value: 0.0.0.0:8000, 0.0.0.0:8443 http2 ssl
• name: KONG_PROXY_STREAM_ACCESS_LOG
  value: /dev/stdout basic
• name: KONG_PROXY_STREAM_ERROR_LOG
  value: /dev/stderr
• name: KONG_ROUTER_FLAVOR
  value: traditional
• name: KONG_STATUS_ACCESS_LOG
  value: “off”
• name: KONG_STATUS_ERROR_LOG
  value: /dev/stderr
• name: KONG_STATUS_LISTEN
  value: 0.0.0.0:8100
• name: KONG_STREAM_LISTEN
  value: “off”
  image: niowzipacr.azurecr.io/kong-nio:work-in-progress-mvp-21b146fe56ca759f72d2644b66f043cca139fa85
  imagePullPolicy: IfNotPresent
  name: clear-stale-pid
  resources: {}
  securityContext: {}
  terminationMessagePath: /dev/termination-log
  terminationMessagePolicy: File
  volumeMounts:
• mountPath: /kong_prefix/
  name: dev-kong-kong-prefix-dir
• mountPath: /tmp
  name: dev-kong-kong-tmp
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: dev-kong-kong
  serviceAccountName: dev-kong-kong
  terminationGracePeriodSeconds: 30
  volumes:
• emptyDir:
  sizeLimit: 256Mi
  name: dev-kong-kong-prefix-dir
• emptyDir:
  sizeLimit: 1Gi
  name: dev-kong-kong-tmp
• name: webhook-cert
  secret:
  defaultMode: 420
  secretName: dev-kong-kong-validation-webhook-keypair
• name: dev-kong-kong-token
  projected:
  defaultMode: 420
  sources:
• serviceAccountToken:
  expirationSeconds: 3607
  path: token
• configMap:
  items:
• key: ca.crt
  path: ca.crt
  name: kube-root-ca.crt
• downwardAPI:
  items:
• fieldRef:
  apiVersion: v1
  fieldPath: metadata.namespace
  path: namespace

apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: dev-kong
meta.helm.sh/release-namespace: kong-java-dev
finalizers
enable-metrics: “true”
helm.sh/chart: kong-2.17.0-rc.4
name: dev-kong-kong-proxy
namespace: kong-java-dev
resourceVersion: “298859219”
uid: 066850bf-a8ec-422d-befa-fbcb482bb985
spec:
allocateLoadBalancerNodePorts: true
clusterIP: 10.0.81.197
clusterIPs:

• 10.0.81.197
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
• IPv4
  ipFamilyPolicy: SingleStack
  ports:
• name: kong-proxy
  nodePort: 32632
  port: 80
  protocol: TCP
  targetPort: 8000
• name: kong-proxy-tls
  nodePort: 31157
  port: 443
  protocol: TCP
  targetPort: 8443
  selector:
  sessionAffinity: None
  type: LoadBalancer
  status:
  loadBalancer:
  ingress:

  • ip: . . *

    Regards,
    Rajesh M

Hi Team ,

Can you please share any response from any one . Since we are facing this issue for some recent times and we are unable to resolve this issue .

Regards,
Rajesh M

Is there any one who come accross the above mentioned requirement !

Can some one comment if any one have any idea on the above requirement please

Hi kong-gateway Can some one support us on the above mentioned request please !

Regards,
Rajesh M

Did any one came across this issues ?

Problem Statement:

We need Kong to expose an additional port (8081) alongside its default ports to support our Knative-based API services. However, we’re unsure how to configure Kong to listen on multiple ports within the same deployment.

Setup Details:

• Kong is deployed via a Kubernetes manifest in our AKS cluster.

• We are using Knative APIs that require routing through Kong on port 8081.

• The cluster is hosted in a private Azure network.

• We’ve attached our Kong Deployment and Service YAMLs for reference.

  What We Need Help With:

  • How can we configure Kong to listen on multiple ports (e.g., 8000 and 8081)?

  • Is there a recommended way to expose additional ports via the Kong proxy service in Kubernetes ?

  • We are looking for a solution that works natively with Kubernetes manifests.

kubernetes kong-gateway Questions Feature Requests & Feedback