I'm a bit confused about communication model between K8s master components. How does kube-apiserver, kube-controller-manager and kube-scheduler communicate with each other?
According to official doc, it seems to me that only kube-controller-manager and kube-scheduler connects to kube-apiserver, but not the other way around. However, I found there were bunch of server-flavored flags provided by both kube-controller-manager and kube-scheduler, such as --bind-address or --client-ca-file. So they are both definitely acting as a server too, which I can further confirm using curl localhost:10251/healthz and curl localhost:10252/healthz.
So the big question mark in my head now is that, what functionalities were provided by kube-controller-manager's and kube-scheduler's server ports? And were they used by kube-apiserver?
They are not used by kube-apiserver.
That is health check ports to export current health status and metrics. --client-ca-file is an option for outgoing connections.
Here is a related path of a source code of kube-scheduler.