kube-proxy开的端口是干什么用的,为什么要监听这么多端口?从我的节点,我可以看到 kube-proxy 正在监听很多端口。有人可以向我解释为什么他们要监听这么多端口,它是做什么用的?输出如下:
[root@runsdata-test-0001 ~]# netstat -antup|grep kube-proxy
tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN 14370/kube-proxy
tcp 0 0 10.0.0.154:59638 10.0.0.154:6443 ESTABLISHED 14370/kube-proxy
tcp6 0 0 :::31860 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::11989 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::26879 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::8100 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::10055 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::27688 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::29932 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::4303 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::31504 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::10256 :::* LISTEN 14370/kube-proxy
tcp6 0 0 :::21201 :::* LISTEN 14370/kube-proxy
[root@runsdata-test-0001 ~]# ss -antup|grep kube-proxy
tcp LISTEN 0 128 127.0.0.1:10249 *:* users:(("kube-proxy",pid=14370,fd=9))
tcp ESTAB 0 0 10.0.0.154:59638 10.0.0.154:6443 users:(("kube-proxy",pid=14370,fd=6))
tcp LISTEN 0 128 [::]:31860 [::]:* users:(("kube-proxy",pid=14370,fd=16))
tcp LISTEN 0 128 [::]:11989 [::]:* users:(("kube-proxy",pid=14370,fd=18))
tcp LISTEN 0 128 [::]:26879 [::]:* users:(("kube-proxy",pid=14370,fd=11))
tcp LISTEN 0 128 [::]:8100 [::]:* users:(("kube-proxy",pid=14370,fd=17))
tcp LISTEN 0 128 [::]:10055 [::]:* users:(("kube-proxy",pid=14370,fd=14))
tcp LISTEN 0 128 [::]:27688 [::]:* users:(("kube-proxy",pid=14370,fd=13))
tcp LISTEN 0 128 [::]:29932 [::]:* users:(("kube-proxy",pid=14370,fd=12))
tcp LISTEN 0 128 [::]:4303 [::]:* users:(("kube-proxy",pid=14370,fd=10))
tcp LISTEN 0 128 [::]:31504 [::]:* users:(("kube-proxy",pid=14370,fd=3))
tcp LISTEN 0 128 [::]:10256 [::]:* users:(("kube-proxy",pid=14370,fd=8))
tcp LISTEN 0 128 [::]:21201 [::]:* users:(("kube-proxy",pid=14370,fd=15))
从下面的结果可以看出,kube-proxy监听的端口并不是clusterip或者nodeport类型的每一个服务的端口。大多数服务端口没有被监听
[root@runsdata-test-0001 ~]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
admin-dashboard ClusterIP 10.0.6.133 <none> 8652/TCP 76d app=admin-dashboard
basic-customer-service-web ClusterIP 10.0.6.70 <none> 80/TCP 88d app=basic-customer-service-web
cloud-agent-dashboard-web ClusterIP 10.0.6.82 <none> 80/TCP 88d app=cloud-agent-dashboard-web
config-server ClusterIP 10.0.6.199 <none> 8100/TCP 17d app=config-server
content-management-service-v2-0 ClusterIP 10.0.6.149 <none> 8511/TCP 88d app=content-management-service-v2-0
customer-service-web-v1 ClusterIP 10.0.6.64 <none> 80/TCP 88d app=customer-service-web-v1
customer-service-web-v2 ClusterIP 10.0.6.12 <none> 80/TCP 88d app=customer-service-web-v2
default-http-backend ClusterIP 10.0.6.102 <none> 80/TCP 62d k8s-app=default-http-backend
file-server ClusterIP 10.0.6.221 <none> 80/TCP 88d app=file-server
glusterfs-cluster ClusterIP 10.0.6.197 <none> 1990/TCP 88d <none>
glusterfs-dynamic-2364ef3c-21d9-4b57-8416-3bec33191c63 ClusterIP 10.0.6.145 <none> 1/TCP 76d <none>
glusterfs-dynamic-4cebf743-e9a3-4bc0-b96a-e3bca2d7c65b ClusterIP 10.0.6.139 <none> 1/TCP 76d <none>
glusterfs-dynamic-65ab49bf-ea94-471a-be8a-ba9a32eca3f2 ClusterIP 10.0.6.72 <none> 1/TCP 76d <none>
glusterfs-dynamic-86817d19-5173-4dfb-a09f-b27785d62619 ClusterIP 10.0.6.42 <none> 1/TCP 76d <none>
glusterfs-dynamic-8b31e26e-b33d-4ddf-8604-287b015f4463 ClusterIP 10.0.6.40 <none> 1/TCP 76d <none>
glusterfs-dynamic-8ede2720-863d-4329-8c7a-7bc2a7f540e4 ClusterIP 10.0.6.148 <none> 1/TCP 76d <none>
glusterfs-dynamic-b0d2f15d-847c-44e6-8272-0390d42806d1 ClusterIP 10.0.6.185 <none> 1/TCP 76d <none>
glusterfs-dynamic-b16b2a65-d21d-412e-88b5-ca5fb5ce8626 ClusterIP 10.0.6.29 <none> 1/TCP 76d <none>
glusterfs-dynamic-ee1be4cc-d90f-4ac4-a662-6a6fdc25e628 ClusterIP 10.0.6.251 <none> 1/TCP 76d <none>
hr-dashboard-web-global ClusterIP 10.0.6.66 <none> 80/TCP 88d app=hr-dashboard-web-global
hystrix-dashboard ClusterIP 10.0.6.87 <none> 8650/TCP 48d app=hystrix-dashboard
kafka-hs ClusterIP None <none> 9092/TCP 76d app=kafka
kafka-server ClusterIP 10.0.6.209 <none> 9092/TCP 76d app=kafka
mongo-master ClusterIP 10.0.6.39 <none> 27017/TCP 88d name=mongo
mongodb-1 ClusterIP 10.0.6.11 <none> 27017/TCP 17d <none>
mongodb-2 ClusterIP 10.0.6.55 <none> 27017/TCP 17d <none>
mongodb-3 ClusterIP 10.0.6.114 <none> 27017/TCP 17d <none>
mysql-master ClusterIP 10.0.6.201 <none> 3306/TCP 88d <none>
news-content-management-web ClusterIP 10.0.6.93 <none> 80/TCP 61d app=news-content-management-web
peony-ali-api ClusterIP 10.0.6.151 <none> 9220/TCP 62d app=peony-ali-api
peony-app-update ClusterIP 10.0.6.138 <none> 9410/TCP 87d app=peony-app-update
peony-authenticate-storage-service-v3-0 ClusterIP 10.0.6.37 <none> 8241/TCP 88d app=peony-authenticate-storage-service-v3-0
peony-hr-file-server ClusterIP 10.0.6.53 <none> 80/TCP 87d app=peony-hr-file-server
peony-infrastructure-gateway ClusterIP 10.0.6.132 <none> 8020/TCP 60d app=peony-infrastructure-gateway
peony-log-file-server ClusterIP 10.0.6.54 <none> 80/TCP 14d app=peony-log-file-server
peony-media-hr-file-server ClusterIP 10.0.6.129 <none> 80/TCP 87d app=peony-media-hr-file-server
peony-medical-file-server ClusterIP 10.0.6.31 <none> 80/TCP 87d app=peony-medical-file-server
peony-online-file-server ClusterIP 10.0.6.217 <none> 80/TCP 87d app=peony-online-file-server
peony-payment-service ClusterIP 10.0.6.38 <none> 9400/TCP 87d app=peony-payment-service
peony-sms-api ClusterIP 10.0.6.204 <none> 9200/TCP 87d app=peony-sms-api
peony-sms-gateway ClusterIP 10.0.6.7 <none> 80/TCP 87d app=peony-sms-gateway
peony-sms-sender ClusterIP 10.0.6.135 <none> 9211/TCP 87d app=peony-sms-sender
peony-sms-web ClusterIP 10.0.6.74 <none> 80/TCP 61d app=peony-sms-web
plum-gatherer-api ClusterIP 10.0.6.239 <none> 80/TCP 87d app=plum-gatherer-api
plum-gatherer-gateway ClusterIP 10.0.6.67 <none> 7010/TCP 87d app=plum-gatherer-gateway
plum-live-gatherer ClusterIP 10.0.6.187 <none> 7011/TCP 87d app=plum-live-gatherer
rabbit-server ClusterIP 10.0.6.125 <none> 5672/TCP,15672/TCP 68d app=rabbit-server
redis-foundation-master ClusterIP 10.0.6.127 <none> 6379/TCP 17d name=redis-foundation
redis-sentinel-0 ClusterIP 10.0.6.203 <none> 36379/TCP 20d <none>
redis-sentinel-1 ClusterIP 10.0.6.10 <none> 36379/TCP 20d <none>
redis-sentinel-2 ClusterIP 10.0.6.222 <none> 36379/TCP 20d <none>
redis-sms-master ClusterIP 10.0.6.50 <none> 6379/TCP 87d name=redis-sms
redis-user-master ClusterIP 10.0.6.71 <none> 6379/TCP 87d name=redis-user
si-console-web ClusterIP 10.0.6.88 <none> 80/TCP 87d app=si-console-web
si-gov-admin-web ClusterIP 10.0.6.152 <none> 80/TCP 87d app=si-gov-admin-web
society-admin-web ClusterIP 10.0.6.105 <none> 80/TCP 86d app=society-admin-web
society-admin-web-v2 ClusterIP 10.0.6.119 <none> 80/TCP 49d app=society-admin-web-v2
society-app-config-service-v2-0 ClusterIP 10.0.6.112 <none> 8013/TCP 88d app=society-app-config-service-v2-0
society-assistance-service-v1-0 ClusterIP 10.0.6.238 <none> 8531/TCP 88d app=society-assistance-service-v1-0
society-authenticate-storage-service-v3-0 ClusterIP 10.0.6.177 <none> 8241/TCP 35d app=society-authenticate-storage-service-v3-0
society-authorization-server ClusterIP 10.0.6.183 <none> 10681/TCP,9010/TCP 88d app=society-authorization-server
society-certification-service-v2-0 ClusterIP 10.0.6.198 <none> 8215/TCP 88d app=society-certification-service-v2-0
society-config-app-api ClusterIP 10.0.6.9 <none> 80/TCP 80d app=society-config-app-api
society-employment-mobile-universal-web ClusterIP 10.0.6.247 <none> 80/TCP 88d app=society-employment-mobile-universal-web
society-employment-service-v1-0 ClusterIP 10.0.6.211 <none> 8541/TCP 87d app=society-employment-service-v1-0
society-im-service-v1-0 ClusterIP 10.0.6.235 <none> 8551/TCP 87d app=society-im-service-v1-0
society-insurance-app-api ClusterIP 10.0.6.6 <none> 80/TCP 88d app=society-insurance-app-api
society-insurance-foundation-service-v2-0 ClusterIP 10.0.6.49 <none> 8223/TCP 88d app=society-insurance-foundation-service-v2-0
society-insurance-gateway ClusterIP 10.0.6.202 <none> 8020/TCP 88d app=society-insurance-gateway
society-insurance-management-service-v2-0 NodePort 10.0.6.140 <none> 8235:31860/TCP 63d app=society-insurance-management-service-v2-0
society-insurance-resident-service-v2-0 ClusterIP 10.0.6.5 <none> 8311/TCP 88d app=society-insurance-resident-service-v2-0
society-insurance-storage-service-v2-0 ClusterIP 10.0.6.2 <none> 8228/TCP 88d app=society-insurance-storage-service-v2-0
society-insurance-user-service-v2-0 ClusterIP 10.0.6.23 <none> 8221/TCP 88d app=society-insurance-user-service-v2-0
society-insurance-web-api ClusterIP 10.0.6.236 <none> 80/TCP 88d app=society-insurance-web-api
society-material-h5-web ClusterIP 10.0.6.43 <none> 80/TCP 73d app=society-material-h5-web
society-material-service-v1-0 ClusterIP 10.0.6.241 <none> 8261/TCP 67d app=society-material-service-v1-0
society-material-web ClusterIP 10.0.6.65 <none> 80/TCP 83d app=society-material-web
society-notice-service-v1-0 ClusterIP 10.0.6.16 <none> 8561/TCP 14d app=society-notice-service-v1-0
society-online-business-admin-web ClusterIP 10.0.6.230 <none> 80/TCP 88d app=society-online-business-admin-web
society-online-business-configure-h5-web ClusterIP 10.0.6.8 <none> 80/TCP 88d app=society-online-business-configure-h5-web
society-online-business-mobile-web ClusterIP 10.0.6.137 <none> 80/TCP 88d app=society-online-business-mobile-web
society-online-business-mobile-web-v2-0 ClusterIP 10.0.6.108 <none> 80/TCP 87d app=society-online-business-mobile-web-v2-0
society-online-business-mobile-web-v2-1 ClusterIP 10.0.6.128 <none> 80/TCP 87d app=society-online-business-mobile-web-v2-1
society-online-business-processor-service-v1-0 ClusterIP 10.0.6.99 <none> 10042/TCP 88d app=global-online-business-processor-service-v1-0
society-online-business-service-v2-0 ClusterIP 10.0.6.186 <none> 8216/TCP 88d app=society-online-business-service-v2-0
society-online-business-service-v2-1 ClusterIP 10.0.6.162 <none> 8216/TCP 88d app=society-online-business-service-v2-1
society-operation-gateway ClusterIP 10.0.6.4 <none> 8010/TCP 88d app=society-operation-gateway
society-operation-user-service-v1-1 ClusterIP 10.0.6.35 <none> 8012/TCP 88d app=society-operation-user-service-v1-1
society-operator-management-service-v1-0 ClusterIP 10.0.6.234 <none> 8271/TCP 83d app=society-operator-management-service-v1-0
society-operator-management-web ClusterIP 10.0.6.150 <none> 80/TCP 77d app=society-operator-management-web
society-portal-mobile-universal-web ClusterIP 10.0.6.244 <none> 80/TCP 88d app=society-portal-mobile-universal-web
society-portal-nationwide-web ClusterIP 10.0.6.237 <none> 80/TCP 88d app=society-portal-nationwide-web
society-proxy-access-service-v2-0 ClusterIP 10.0.6.243 <none> 8411/TCP 58d app=society-proxy-access-service-v2-0
society-resident-service-v3-0 ClusterIP 10.0.6.63 <none> 8231/TCP 88d app=society-resident-service-v3-0
society-training-exam-web ClusterIP 10.0.6.83 <none> 80/TCP 37d app=society-training-exam-web
society-training-mobile-universal-web ClusterIP 10.0.6.210 <none> 80/TCP 88d app=society-training-mobile-universal-web
society-training-service-v1-0 ClusterIP 10.0.6.36 <none> 8521/TCP 88d app=society-training-service-v1-0
society-user-service-v2-0 ClusterIP 10.0.6.216 <none> 8211/TCP 87d app=society-user-service-v2-0
society-user-service-v3-0 ClusterIP 10.0.6.227 <none> 8211/TCP 88d app=society-user-service-v3-0
sports-training-web ClusterIP 10.0.6.123 <none> 80/TCP 87d app=sports-training-web
static-file-server ClusterIP 10.0.6.73 <none> 80/TCP 88d app=static-file-server
traefik-ingress-controller ClusterIP 10.0.6.225 <none> 80/TCP,6080/TCP,443/TCP 17d app=traefik-ingress-controller
turbine-server ClusterIP 10.0.6.160 <none> 8989/TCP 76d app=turbine-server
weedfs-filer ClusterIP 10.0.6.32 <none> 8080/TCP 19d app=weedfs-filer
weedfs-master ClusterIP 10.0.6.91 <none> 9333/TCP 87d app=weedfs-master
weedfs-volume-1 ClusterIP 10.0.6.79 <none> 8080/TCP 87d app=weedfs-volume-1
zipkin-server ClusterIP 10.0.6.184 <none> 9411/TCP 48d app=zipkin-server
zk-cs ClusterIP 10.0.6.194 <none> 2181/TCP 76d app=zk
zk-hs ClusterIP None <none> 2888/TCP,3888/TCP 76d app=zk
[root@runsdata-test-0001 ~]# ss -antup|grep kube-proxy
tcp LISTEN 0 128 127.0.0.1:10249 *:* users:(("kube-proxy",pid=14370,fd=9))
tcp ESTAB 0 0 10.0.0.154:59638 10.0.0.154:6443 users:(("kube-proxy",pid=14370,fd=6))
tcp LISTEN 0 128 [::]:31860 [::]:* users:(("kube-proxy",pid=14370,fd=16))
tcp LISTEN 0 128 [::]:11989 [::]:* users:(("kube-proxy",pid=14370,fd=18))
tcp LISTEN 0 128 [::]:26879 [::]:* users:(("kube-proxy",pid=14370,fd=11))
tcp LISTEN 0 128 [::]:8100 [::]:* users:(("kube-proxy",pid=14370,fd=17))
tcp LISTEN 0 128 [::]:10055 [::]:* users:(("kube-proxy",pid=14370,fd=14))
tcp LISTEN 0 128 [::]:27688 [::]:* users:(("kube-proxy",pid=14370,fd=13))
tcp LISTEN 0 128 [::]:29932 [::]:* users:(("kube-proxy",pid=14370,fd=12))
tcp LISTEN 0 128 [::]:4303 [::]:* users:(("kube-proxy",pid=14370,fd=10))
tcp LISTEN 0 128 [::]:31504 [::]:* users:(("kube-proxy",pid=14370,fd=3))
tcp LISTEN 0 128 [::]:10256 [::]:* users:(("kube-proxy",pid=14370,fd=8))
tcp LISTEN 0 128 [::]:21201 [::]:* users:(("kube-proxy",pid=14370,fd=15))
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 31860
society-insurance-management-service-v2-0 NodePort 10.0.6.140 <none> 8235:31860/TCP 63d app=society-insurance-management-service-v2-0
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 11989
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 26879
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 8100
config-server ClusterIP 10.0.6.199 <none> 8100/TCP 17d app=config-server
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 10055
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 27688
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 29932
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 4303
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 31504
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 10256
[root@runsdata-test-0001 ~]# kubectl get svc -o wide |grep 21201
[root@runsdata-test-0001 ~]#
