This issue is to address an outstanding GitHub issue: https://github.com/openshift/openshift-docs/issues/884#issuecomment-308764253 3.2 https://docs.openshift.com/enterprise/3.2/architecture/core_concepts/pods_and_services.html#service-nodeport In 3.5: https://docs.openshift.com/container-platform/3.5/architecture/core_concepts/pods_and_services.html#service-nodeport Who can request a nodeport on a service? It mentions that "Setting a nodePort is a privileged operation." but doesn't specify what type of privilege. Is this an SCC-type privilege? Is this a cluster-admin privilege? It's unclear. What happens if someone requests a port for a service that is already requested/in-use? And so on and so forth. This is related, in a larger sense, to the whole service guide. The guide does a good job of explaining the levers to pull and what they do, but we are missing a "bigger picture" description of when to use which and what and why, and what the drawbacks are to things.