k8s basic and supply chain

k8s service

Kubernetes API Serve
local port:8080

secure port:6443
if configure the dashboard /ui

---

etcd service
default port:2379
/v2/keys/?recursive=true -> return all the value
/v2/members -> return all member

---

Kubelet service
default port:10250

/pods -> return the pod information

---

proxy service
defualt port:may be 3182
this is unauth proxy can visit the internal network

• https://github.com/kubernetes/kubernetes/pull/71980
• https://www.cloudfoundry.org/blog/k8s-api-server-proxy/

---

supply chain

docker services

Rest API(RCE)
default port:2375

/containers/json -> get container running information

this is a proxy server. does not respond to non-proxy requests

---

port -> service

8080/6443 kube-apiserver
10250/10255/4149 kubelet
2379 etcd
30000 dashboard
2375 docker api
10256 kube-proxy
9099 calico-felix
9090 prometheus

I collect the endpoint for test k8s-api

reference

• https://www.freebuf.com/vuls/196993.html