Kubernetes
- Kubernetes/Amazon EKS
- Kubernetes/ArgoCD
- Kubernetes/ConfigMap and Secrets
- Kubernetes/Container Runtimes OCI
- Kubernetes/DNS
- Kubernetes/Deployment, ReplicaSet and Pod
- Kubernetes/Echoserver
- Kubernetes/Google GKE
- Kubernetes/Helm
- Kubernetes/Ingress controller
- Kubernetes/Install Master and nodes
- Kubernetes/Istio
- Kubernetes/Istio-logs-default-install
- Kubernetes/Istio/Observability
- Kubernetes/Jobs,CronJob
- Kubernetes/Kind
- Kubernetes/Kubelet
- Kubernetes/Kustomize
- Kubernetes/Monitoring
- Kubernetes/Networking
- Kubernetes/Progressive Delivery Flux and Flagger
- Kubernetes/Rancher
- Kubernetes/Requests and Limits, units
- Kubernetes/Resources,Objects and API
- Kubernetes/Resources and Limits
- Kubernetes/SAN-Storage
- Kubernetes/Scheduling
- Kubernetes/Security and RBAC
- Kubernetes/Storage
- Kubernetes/Tilt
- Kubernetes/Tools
- Kubernetes/external-dns
- Kubernetes/minikube
Common ports
- Docker
TCP :2375 - docker.d http TCP :2376 - docker.d https
- Kubernetes
Control-plane node(s)
Protocol | Direction | Port | Purpose | UsedBy |
---|---|---|---|---|
TCP | Inbound | 6443* | Kubernetes API Server (or 8080 if TLS is disabled) | All |
TCP | Inbound | 2379-2380 | etcd server client API | kube-apiserver, etcd |
TCP | Inbound | 10250 | Kubelet TLS secure API, accepts connections from the API server (master) | Self, Control plane |
TCP | Inbound | 10251 | kube-scheduler | Self |
TCP | Inbound | 10252 | kube-controller-manager | Self |
TCP | 10255 | Read-Only (non-secure) Kubelet API, *disabled on EKS |
Worker node(s)
Protocol | Direction | Port | Purpose | UsedBy |
---|---|---|---|---|
TCP | Inbound | 10250 | Kubelet API | Self, Control plane |
TCP | Inbound | 30000-32767 | NodePort Services (defaults) | All |
Others
127.0.0.1:45039 - CRI (Container Runtime Interface)streaming server port, used by kubectl exec/attach/port-forward shim is build in into kublet
Kubernetes curls:
curl localhost:<port>/metrics /healthz /api