Kubernetes

From Ever changing code
Jump to navigation Jump to search


Common ports

Docker
TCP :2375 - docker.d http
TCP :2376 - docker.d https


Kubernetes

Control-plane node(s)

Protocol Direction Port Purpose UsedBy
TCP Inbound 443 Kubernetes API Server (or 8080 if TLS is disabled) Worker nodes, API requests and End-Users
TCP Inbound 6443* Kubernetes API Server (or 8080 if TLS is disabled) All
TCP Inbound 2379-2380 etcd server client API kube-apiserver, etcd
TCP Inbound 10250 Kubelet TLS secure API, accepts connections from the API server (master) Self, Control plane
TCP Inbound 10251 kube-scheduler Self
TCP Inbound 10252 kube-controller-manager Self
TCP 10255 Read-Only (non-secure) Kubelet API, *disabled on EKS


Worker node(s)

Protocol Direction Port Purpose UsedBy
TCP Inbound 10250 Kubelet API Self, Control plane
TCP Inbound 30000-32767 NodePort Services (defaults) All
UDP Inbound 8285 flannel overlay network - udp backend (default)
UDP Inbound 8472 flannel overlay network, vxlan backend
TCP Inbound 179 Calico BGP network - BGP backend
TCP Inbound 2379-2380 etcd server client API only if using flannel or Calico


Others

127.0.0.1:45039 - CRI (Container Runtime Interface)streaming server port, used by kubectl exec/attach/port-forward
                  shim is build in into kublet


Kubernetes curls:

curl localhost:<port>/metrics
                     /healthz
                     /api

Containers runtime

Since v1.6.0, Kubernetes has enabled the use of CRI, Container Runtime Interface, by default.

Docker     /var/run/docker.sock
CRI-O      /var/run/crio/crio.sock
containerd /run/containerd/containerd.sock

Kubernetes Entrypoint and Cmd

Docker allows you to define an Entrypoint and Cmd which you can mix and match in a Dockerfile. Entrypoint is the executable, and Cmd are the arguments passed to the Entrypoint. The Dockerfile schema is quite lenient and allows users to set Cmd without Entrypoint, which means that the first argument in Cmd will be the executable to run.

Kubernetes uses a different naming convention for Docker Entrypoint and Cmd. In Kubernetes command is Docker Entrypoint and Kubernetes args is Docker Cmd.


Description                         Docker_field_name   Kubernetes_field_name
The command run by the container    entrypoint          command:
Arguments passed to the command     cmd                 args:
References