Minikube / Docker 代理正在使用端口 80

Question

我在无驱动模式下使用 minikube (sudo minikube start --vm-driver none)，我无法释放端口 80。

与

sudo netstat -nlplute

我得到：

tcp        0      0 192.168.0.14:2380       0.0.0.0:*               LISTEN      0          58500      7200/etcd           
tcp6       0      0 :::80                   :::*                    LISTEN      0          62030      8681/docker-proxy   
tcp6       0      0 :::8080                 :::*                    LISTEN      0          57318      8656/docker-proxy

我试图停止 minikube，但在使用 driver=none

时似乎不起作用

我应该如何释放端口 80？

编辑：完整的 netstat 输出

➜  ~ sudo netstat -nlpute   
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      102        35399      1019/systemd-resolv 
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      0          6629864    11358/cupsd         
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      128        45843      1317/postgres       
tcp        0      0 127.0.0.1:6942          0.0.0.0:*               LISTEN      1000       14547489   16086/java          
tcp        0      0 127.0.0.1:10248         0.0.0.0:*               LISTEN      0          58474      1053/kubelet        
tcp        0      0 127.0.0.1:10249         0.0.0.0:*               LISTEN      0          71361      10409/kube-proxy    
tcp        0      0 127.0.0.1:45801         0.0.0.0:*               LISTEN      0          57445      1053/kubelet        
tcp        0      0 192.168.0.14:2379       0.0.0.0:*               LISTEN      0          56922      7920/etcd           
tcp        0      0 127.0.0.1:2379          0.0.0.0:*               LISTEN      0          56921      7920/etcd           
tcp        0      0 192.168.0.14:2380       0.0.0.0:*               LISTEN      0          56917      7920/etcd           
tcp        0      0 127.0.0.1:2381          0.0.0.0:*               LISTEN      0          56084      7920/etcd           
tcp        0      0 127.0.0.1:63342         0.0.0.0:*               LISTEN      1000       14549242   16086/java          
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      0          15699      1/init              
tcp        0      0 127.0.0.1:10257         0.0.0.0:*               LISTEN      0          60857      7889/kube-controlle 
tcp        0      0 127.0.0.1:10259         0.0.0.0:*               LISTEN      0          56932      7879/kube-scheduler 
tcp        0      0 127.0.0.1:5939          0.0.0.0:*               LISTEN      0          48507      2205/teamviewerd    
tcp6       0      0 ::1:631                 :::*                    LISTEN      0          6629863    11358/cupsd         
tcp6       0      0 :::8443                 :::*                    LISTEN      0          55158      7853/kube-apiserver 
tcp6       0      0 :::44444                :::*                    LISTEN      1000       16217187   7252/___go_build_gi 
tcp6       0      0 :::32028                :::*                    LISTEN      0          74556      10409/kube-proxy    
tcp6       0      0 :::10250                :::*                    LISTEN      0          58479      1053/kubelet        
tcp6       0      0 :::30795                :::*                    LISTEN      0          74558      10409/kube-proxy    
tcp6       0      0 :::10251                :::*                    LISTEN      0          56926      7879/kube-scheduler 
tcp6       0      0 :::10252                :::*                    LISTEN      0          60851      7889/kube-controlle 
tcp6       0      0 :::30285                :::*                    LISTEN      0          74559      10409/kube-proxy    
tcp6       0      0 :::31406                :::*                    LISTEN      0          74557      10409/kube-proxy    
tcp6       0      0 :::111                  :::*                    LISTEN      0          15702      1/init              
tcp6       0      0 :::80                   :::*                    LISTEN      0          16269016   16536/docker-proxy  
tcp6       0      0 :::8080                 :::*                    LISTEN      0          16263128   16524/docker-proxy  
tcp6       0      0 :::10256                :::*                    LISTEN      0          75123      10409/kube-proxy    
udp        0      0 0.0.0.0:45455           0.0.0.0:*                           115        40296      1082/avahi-daemon:  
udp        0      0 224.0.0.251:5353        0.0.0.0:*                           1000       16274723   23811/chrome --type 
udp        0      0 224.0.0.251:5353        0.0.0.0:*                           1000       16270144   23728/chrome        
udp        0      0 224.0.0.251:5353        0.0.0.0:*                           1000       16270142   23728/chrome        
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           115        40294      1082/avahi-daemon:  
udp        0      0 127.0.0.53:53           0.0.0.0:*                           102        35398      1019/systemd-resolv 
udp        0      0 192.168.0.14:68         0.0.0.0:*                           0          12307745   1072/NetworkManager 
udp        0      0 0.0.0.0:111             0.0.0.0:*                           0          18653      1/init              
udp        0      0 0.0.0.0:631             0.0.0.0:*                           0          6628156    11360/cups-browsed  
udp6       0      0 :::5353                 :::*                                115        40295      1082/avahi-daemon:  
udp6       0      0 :::111                  :::*                                0          15705      1/init              
udp6       0      0 :::50342                :::*                                115        40297      1082/avahi-daemon:

Answer 1

我已经复制了您的环境 (--vm-driver=none)。起初我认为它可能与 minikube 内置配置有关，但是干净的 Minikube 在默认配置下不使用端口 80。

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-25T14:58:59Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.0", GitCommit:"70132b0f130acc0bed193d9ba59dd186f0e634cf", GitTreeState:"clean", BuildDate:"2019-12-07T21:12:17Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"linux/amd64"}
$ minikube version
minikube version: v1.6.2

$ sudo netstat -nlplute
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name    
tcp        0      0 127.0.0.1:10257         0.0.0.0:*               LISTEN      0          49556      9345/kube-controlle 
tcp        0      0 127.0.0.1:10259         0.0.0.0:*               LISTEN      0          50223      9550/kube-scheduler 
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      101        15218      752/systemd-resolve 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          21550      1541/sshd           
tcp        0      0 127.0.0.1:44197         0.0.0.0:*               LISTEN      0          51016      10029/kubelet       
tcp        0      0 127.0.0.1:10248         0.0.0.0:*               LISTEN      0          51043      10029/kubelet       
tcp        0      0 127.0.0.1:10249         0.0.0.0:*               LISTEN      0          52581      10524/kube-proxy    
tcp        0      0 127.0.0.1:2379          0.0.0.0:*               LISTEN      0          49728      9626/etcd           
tcp        0      0 10.156.0.11:2379        0.0.0.0:*               LISTEN      0          49727      9626/etcd           
tcp        0      0 10.156.0.11:2380        0.0.0.0:*               LISTEN      0          49723      9626/etcd           
tcp        0      0 127.0.0.1:2381          0.0.0.0:*               LISTEN      0          49739      9626/etcd           
tcp6       0      0 :::10256                :::*                    LISTEN      0          52577      10524/kube-proxy    
tcp6       0      0 :::22                   :::*                    LISTEN      0          21552      1541/sshd           
tcp6       0      0 :::8443                 :::*                    LISTEN      0          49120      9419/kube-apiserver 
tcp6       0      0 :::10250                :::*                    LISTEN      0          51050      10029/kubelet       
tcp6       0      0 :::10251                :::*                    LISTEN      0          50217      9550/kube-scheduler 
tcp6       0      0 :::10252                :::*                    LISTEN      0          49550      9345/kube-controlle 
udp        0      0 127.0.0.53:53           0.0.0.0:*                           101        15217      752/systemd-resolve 
udp        0      0 10.156.0.11:68          0.0.0.0:*                           100        15574      713/systemd-network 
udp        0      0 127.0.0.1:323           0.0.0.0:*                           0          23984      2059/chronyd        
udp6       0      0 ::1:323                 :::*                                0          23985      2059/chronyd

很好地描述了 docker-proxy 的用途，您可以查看 this article。

When a container starts with its port forwarded to the Docker host on which it runs, in addition to the new process that runs inside the container, you may have noticed an additional process on the Docker host called docker-proxy

这个 docker-proxy 可能类似于 docker zombie process 容器被移除，但是分配的端口没有解锁。不幸的是，这似乎是自 2016 年以来跨版本和 OS 反复出现的 docker 问题。正如我提到的，我认为目前没有解决此问题的方法，但是您可以找到解决方法。

cd /usr/libexec/docker/
ln -s docker-proxy-current docker-proxy
service docker restart
===
$ sudo service docker stop
$ sudo service docker start
===
$ sudo service docker stop
# remove all internal docker network: rm /var/lib/docker/network/files/
$ sudo service docker start
===
$ sudo systemctl stop docker 
$ sudo systemctl start docker

有几个 github 线程提到了这个问题。有关详细信息，请查看 this and this 线程。

Answer 2

在检查我的端口 8080 也被 docker 代理使用后，我做了

   $ docker ps

并注意到端口 80 和端口 8080 都被 traefik 控制器使用：

$ kubectl get services

traefik-ingress-service   ClusterIP   10.96.199.177   <none>        80/TCP,8080/TCP   25d

查看traefik服务时，发现：

kind: Service
apiVersion: v1
metadata:
  name: traefik-ingress-service
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
    - protocol: TCP
      port: 80
      name: web
    - protocol: TCP
      port: 8080
      name: admin

所以，我认为这就是我获得 docker-代理的原因。如果我需要它使用另一个端口，我可以在这里更改它。我的坏:(

Minikube / Docker 代理正在使用端口 80

Minikube / Docker proxy is using port 80

minikube

docker-proxy