Skip to content

K8s finding exposed ports

Get node IP

kubectl get node -o wide
or 
export TARGET=`minikube ip`

Get all ports

nmap -p- -A -sV $TARGET

nmap -n -T4 -p 443,2379,6666,4194,6443,8443,8080,10250,10255,10256,9099,6782-6784,30000-32767,44134 $TARGET/16

output 

22/tcp    Kubernetes API port
443/tcp   SSH
2375/tcp  Docker demon
2376/tcp  Docker demon ssl
2379/tcp  ETCD
4194/tcp  Container metrics
2380/tcp  ETCD
6443/tcp  Kubernetes API port
6666/tcp  ETCD
6782/tcp  Metrics and endpoints
6783/tcp  Metrics and endpoints
6784/tcp  Metrics and endpoints
8080/tcp  Insecure API port
8443/tcp  Minikube API port
9099/tcp  Health check server for Calico
10249/tcp metrics server
10250/tcp HTTPS API which allows full mode access
10255/tcp Unauthenticated read-only HTTP port: pods, running pods and node state
10256/tcp Kube Proxy health check server
44134/tcp Helm service listening