netstat命令各个参数说明如下:
-t : 指明显示TCP端口
-u : 指明显示UDP端口
-l : 仅显示监听套接字(所谓套接字就是使应用程序能够读写与收发通讯协议(protocol)与资料的程序)
-p : 显示进程标识符和程序名称,每一个套接字/端口都属于一个程序。
-n : 不进行DNS轮询,显示IP
netstat -ltnp //查看当前所有tcp端口
[root@master ~]# netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 126009/kubelet
tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN 54959/kube-proxy
tcp 0 0 127.0.0.1:10250 0.0.0.0:* LISTEN 126009/kubelet
tcp 0 0 127.0.0.1:2380 0.0.0.0:* LISTEN 4102/etcd
tcp 0 0 127.0.0.1:10255 0.0.0.0:* LISTEN 126009/kubelet
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1379/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1068/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1066/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1320/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 105671/sshd: root@p
tcp6 0 0 :::5000 :::* LISTEN 127542/docker-proxy
tcp6 0 0 :::6443 :::* LISTEN 4333/kube-apiserver
tcp6 0 0 :::10251 :::* LISTEN 4340/kube-scheduler
tcp6 0 0 :::2379 :::* LISTEN 4102/etcd
tcp6 0 0 :::10252 :::* LISTEN 4341/kube-controlle
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::8080 :::* LISTEN 4333/kube-apiserver
tcp6 0 0 :::22 :::* LISTEN 1068/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1066/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1320/master
tcp6 0 0 ::1:6010 :::* LISTEN 105671/sshd: root@p
tcp6 0 0 :::4194 :::* LISTEN 126009/kubelet
netstat -ltnp |grep 8080 //查看所有80端口使用情况·
[root@master ~]# netstat -ltnp|grep 8080
tcp6 0 0 :::8080 :::* LISTEN 4333/kube-apiserver
[root@master ~]# netstat -ltnp|grep kube-apiserver
tcp6 0 0 :::6443 :::* LISTEN 4333/kube-apiserver
tcp6 0 0 :::8080 :::* LISTEN 4333/kube-apiserver
查看一个服务有几个端口。比如要查看kube-apiserver
ps -ef |grep kube-apiserver
ps -ef |grep 8080
[root@master ~]# ps -ef |grep kube-apiserver
kube 4333 1 1 15:34 ? 00:04:30 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://server11:2379 --insecure-bind-address=0.0.0.0 --allow-privileged=false --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota
root 110607 105824 0 20:45 pts/1 00:00:00 grep --color=auto kube-apiserver
[root@master ~]# ps -ef |grep 8080
kube 4340 1 0 15:34 ? 00:00:47 /usr/bin/kube-scheduler --logtostderr=true --v=0 --master=http://master:8080
kube 4341 1 1 15:34 ? 00:03:36 /usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=http://master:8080
root 54959 1 2 16:08 ? 00:07:40 /usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://master:8080
root 110891 105824 0 20:45 pts/1 00:00:00 grep --color=auto 8080
root 126009 1 6 17:50 ? 00:11:11 /usr/bin/kubelet --logtostderr=true --v=0 --api-servers=http://master:8080 --address=127.0.0.1 --hostname-override=master --allow-privileged=false --pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest
lsof -i :port,使用lsof -i :port就能看见所指定端口运行的程序,同时还有当前连接。
[root@master ~]# lsof -i:53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dnsmasq 1379 nobody 5u IPv4 27407 0t0 UDP master:domain
dnsmasq 1379 nobody 6u IPv4 27408 0t0 TCP master:domain (LISTEN)
kill -9 进程号
[root@master ~]# netstat -ltnp|grep 8080
tcp6 0 0 :::8080 :::* LISTEN 116334/kube-apiserv
[root@master ~]# ps -ef |grep 116334
kube 116334 1 0 20:54 ? 00:00:02 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://server11:2379 --insecure-bind-address=0.0.0.0 --allow-privileged=false --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota
root 119732 105824 0 20:59 pts/1 00:00:00 grep --color=auto 116334
[root@master ~]# kill -9 116334
[root@master ~]# ps -ef |grep 116334
root 120129 105824 0 21:00 pts/1 00:00:00 grep --color=auto 116334
netstat -ltnp |grep 常用于端口,进程号,和服务的查询
ps -ef|grep 常用于进程或者服务的查询
lsof -i:port 常用于端口号的查询