摘要:

分析operator程序在运行时与k8s的交互逻辑

服务间连接:

查看operator程序交互的端口:

[root@ccos-autodeploy-14-67 helloworld]# netstat -anp|grep 740141
tcp        0      0 127.0.0.1:40296         127.0.0.1:6443          ESTABLISHED 740141/./bin/manage 
tcp6       0      0 :::9081                 :::*                    LISTEN      740141/./bin/manage 
tcp6       0      0 :::9080                 :::*                    LISTEN      740141/./bin/manage 

可以看出, 自身监听了配置的端口9080和9081

并且连接6443端口

6443端口:

[root@ccos-autodeploy-14-67 helloworld]# lsof -i :6443
COMMAND      PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
kubelet     3585 root   42u  IPv4   100212      0t0  TCP salt-master.ceclouddyn.com:55362->salt-master.ceclouddyn.com:sun-sr-https (ESTABLISHED)
kube-apis   5674 root    6u  IPv6    61886      0t0  TCP *:sun-sr-https (LISTEN)
kube-apis   5674 root   87u  IPv6    41249      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->salt-master.ceclouddyn.com:55418 (ESTABLISHED)
kube-apis   5674 root   89u  IPv6 20189158      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->21.100.121.235:46490 (ESTABLISHED)
kube-apis   5674 root   91u  IPv6    19226      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->salt-master.ceclouddyn.com:55150 (ESTABLISHED)
kube-apis   5674 root   92u  IPv6 20212170      0t0  TCP localhost:sun-sr-https->localhost:40296 (ESTABLISHED)
kube-apis   5674 root   94u  IPv6    19229      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->salt-master.ceclouddyn.com:55158 (ESTABLISHED)
kube-apis   5674 root   96u  IPv6    51585      0t0  TCP localhost:sun-sr-https->localhost:54192 (ESTABLISHED)
kube-apis   5674 root   98u  IPv6    19233      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->salt-master.ceclouddyn.com:55362 (ESTABLISHED)
kube-apis   5674 root  104u  IPv4   106622      0t0  TCP localhost:54096->localhost:sun-sr-https (ESTABLISHED)
kube-apis   5674 root  107u  IPv6 15714363      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.5:50346 (ESTABLISHED)
kube-apis   5674 root  114u  IPv6    19240      0t0  TCP localhost:sun-sr-https->localhost:54096 (ESTABLISHED)
kube-apis   5674 root  119u  IPv6 15602601      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.5:46380 (ESTABLISHED)
kube-apis   5674 root  120u  IPv6 15711131      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.5:42970 (ESTABLISHED)
kube-apis   5674 root  123u  IPv6 15797211      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.5:41518 (ESTABLISHED)
kube-apis   5674 root  124u  IPv6 15816078      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.5:43692 (ESTABLISHED)
kube-apis   5674 root  125u  IPv6 20249857      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.68:61740 (ESTABLISHED)
kube-apis   5674 root  129u  IPv6 20230677      0t0  TCP salt-master.ceclouddyn.com:sun-sr-https->10.253.14.68:39870 (ESTABLISHED)
kube-sche   5679 root    7u  IPv4    43227      0t0  TCP salt-master.ceclouddyn.com:55150->salt-master.ceclouddyn.com:sun-sr-https (ESTABLISHED)
kube-sche   5679 root    8u  IPv4   140403      0t0  TCP salt-master.ceclouddyn.com:55418->salt-master.ceclouddyn.com:sun-sr-https (ESTABLISHED)
kube-cont   5683 root    7u  IPv4   118132      0t0  TCP salt-master.ceclouddyn.com:55158->salt-master.ceclouddyn.com:sun-sr-https (ESTABLISHED)
kube-prox   7606 root    9u  IPv4    63953      0t0  TCP localhost:54192->localhost:sun-sr-https (ESTABLISHED)
manager   740141 root    6u  IPv4 20207285      0t0  TCP localhost:40296->localhost:sun-sr-https (ESTABLISHED)

关键点:

kube-apis   5674 root    6u  IPv6    61886      0t0  TCP *:sun-sr-https (LISTEN)

可以看出是kube-apis服务在监听6443端口

自身监听的9080和9081端口:

[root@ccos-autodeploy-14-67 helloworld]# lsof -i :9080
COMMAND    PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
manager 740141 root    7u  IPv6 20226233      0t0  TCP *:glrpc (LISTEN)


[root@ccos-autodeploy-14-67 helloworld]# lsof -i :9081
COMMAND    PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
manager 740141 root    8u  IPv6 20226234      0t0  TCP *:9081 (LISTEN)

可以看出, 虽然自身监听了9080和9081端口, 但是在启动后, 需要其他业务主动连接.