Kubernetes can't port-forward externalName service

kubectl port-forward only actually forwards a local connection to a single specific pod. While it looks like you can port-forward to other things, these are just means of picking a pod. If you run kubectl port-forward service/foo 12345:80, it actually looks at the pods selected by that Service, remaps the service's port 80 to the corresponding pod port, and forwards to that specific pod.

In your case, this means you can't port-forward to an ExternalName service, because there isn't a pod behind it, and kubectl port-forward only actually forwards to pods.

There are a couple of other implications (or demonstrations) of this. Start a normal Deployment running some service with 3 replicas, with a normal Service in front of it. Port-forward to either the Deployment or the Service, and run a load test; you will see only one pod receive all the traffic. Delete that specific pod, and the port-forward will shut down.

If you want to connect to an ExternalName service, or otherwise do any of the more interesting things services do, you need to make the connection originate from inside the cluster. You could kubectl run a temporary pod as an example:

kubectl run curl-test --rm --image=curlimages/curl --generator=run-pod/v1 -- \  http://my-service.dev.svc.cluster.local