AKS cluster pod is being polled by unknown pod IP

12/6/2019

After setting up a Kubernetes service running an FTP application with port mapping 21 inside AKS, I noticed that port 21 is being probed by some kind of process. The following is being logged from within my FTP application:

[I 2019-12-06 23:38:56] 10.244.0.1:56287-[] FTP session closed (disconnect).
[I 2019-12-06 23:38:56] 10.244.0.1:56330-[] FTP session opened (connect)
[I 2019-12-06 23:39:02] 10.244.0.1:56330-[] FTP session closed (disconnect).
[I 2019-12-06 23:39:02] 10.244.0.1:56376-[] FTP session opened (connect)
  • The VM this pod is on has IP range 10.244.0.0/24

  • There is no Container Insights or anything else configured

  • I don't believe this is Readiness or Liveness probes, as I have overridden those - but it does look a lot like some kind of generic TCP probe on whatever port is being configured in the port mapping?

  • The full dump of all pods gives

NAMESPACE     NAME                                    READY   STATUS    RESTARTS   AGE     IP            NODE                       NOMINATED NODE   READINESS GATES
kube-system   coredns-866fc6b6c8-5cgll                1/1     Running   0          86m     10.244.0.7    aks-agentpool-40501316-0   <none>           <none>
kube-system   coredns-866fc6b6c8-nrbk2                1/1     Running   0          93m     10.244.0.4    aks-agentpool-40501316-0   <none>           <none>
kube-system   coredns-autoscaler-5d5695b54f-82jkb     1/1     Running   0          92m     10.244.0.2    aks-agentpool-40501316-0   <none>           <none>
kube-system   kube-proxy-sk59f                        1/1     Running   0          81m     10.240.0.4    aks-agentpool-40501316-0   <none>           <none>
kube-system   kubernetes-dashboard-6f697bd9f5-s7kgz   1/1     Running   0          92m     10.244.0.5    aks-agentpool-40501316-0   <none>           <none>
kube-system   metrics-server-566bd9b4f7-gqnw9         1/1     Running   1          93m     10.244.0.3    aks-agentpool-40501316-0   <none>           <none>
kube-system   tunnelfront-855c64f898-xhk6m            1/1     Running   0          92m     10.244.0.6    aks-agentpool-40501316-0   <none>           <none>
test          test-b8487b946-z6tlb                 1/1     Running   0          9m24s   10.244.0.13   aks-agentpool-40501316-0   <none>           <none>

I must be missing something obvious here. What is constantly polling my application every 6 seconds? On a node with IP range 10.244.0.0/24, what is the thing that is being created at 10.244.0.1?

-- user1610325
azure-aks
kubernetes

1 Answer

12/7/2019

If you are having a service of type LoadBalancer mapped to this pod - this would be the Azure Load Balancer probes doing the health check to determine if the service is alive.

-- 4c74356b41
Source: StackOverflow