imjliu

What is kube-proxy

kube-proxy is a core component of kubernetes, it usually runs as daemonset on every node in the cluster, But it can also run as a standalone process oin each node, but in that case better use a service management tool to control it like systemd

Kube-proxy’s purpose

it is used for managing the traffic between service, pod, node by writing iptables or ipvs. It is utilizing three informer, node, service, endpoint, everytime these resources are changing, the informers will trigger the relevent event then kube-proxy will set the rules as expected. So for example, manually modifying the iptables rules or ipve ruls are not expected because the modifying rules will be changed back by the kube-proxy

But basically, the service and endpoint are the key resources kube-proxy is watching from api-server.

Kube-proxy is also setting several chains as post/pre dealing chains in iptables mode since this is reallyu common mode, they are defined at https://github.com/kubernetes/kubernetes/blob/master/pkg/proxy/iptables/proxier.go

Core Components

• Service Handler/Config/Tracker/Cache/…
• Endpoint Handler/Config/Tracker/…
• Node Handler/…

The above ones may be wrong since I havent read the code in depth.

Health Check && Metrics

kube-proxy is listening on local’s 10256 as health check

kube-proxy is exporting metrics on local’s 10249, the metrics can be found at https://github.com/kubernetes/kubernetes/blob/master/pkg/proxy/metrics/metrics.go

---

[1] https://github.com/kubernetes/kubernetes/tree/master/pkg/proxy