Kubernets DNS - Let service contact itself via DNSKubernetes equivalent of env-file in Dockerrequests.get(url) return error code 404 from kubernetes api while the response could be get via curl/GETKubectl apply for a deployment with revHistoryLimit 0 does not delete the old replica set, here is my deploment templateKubernetes kube-dns TLS certificate validationHow to start a pod in command line without deployment in kubernetes?Forbidden: updates to statefulset spec for fields other than 'replicas', 'template', and 'updateStrategy' are forbiddenHow to mount a volume with a windows container in kubernetes?Share nfs volume between kubernetes clustersKubernetes - How to acces to service from a web server in pod with a rest requestKubernetes service not able to curl itself inside docker
How does an ordinary object become radioactive?
Should I give professor gift at the beginning of my PhD?
Preventing Employees from either switching to Competitors or Opening Their Own Business
What is the highest possible temporary AC at level 1, without any help from others?
Universal hash functions with homomorphic XOR property
Confusion around using "des" in sentences
What is the fastest method to figure out which keys contain certain notes?
English word for "product of tinkering"
A planet of ice and fire
Using "subway" as name for London Underground?
Why was the Sega Genesis marketed as a 16-bit console?
Is it possible to 'live off the sea'
An average heaven where everyone has sexless golden bodies and is bored
Do height-balanced binary trees have logarithmic depth?
Should an arbiter claim draw at a K+R vs K+R endgame?
Are there any instruments that don't produce overtones?
Arriving at the same result with the opposite hypotheses
Déjà vu, again?
How to handle self harm scars on the arm in work environment?
Impedance ratio vs. SWR
Mobile App Appraisal
Does an ice chest packed full of frozen food need ice?
How did old MS-DOS games utilize various graphic cards?
Share calendar details request from manager's manager
Kubernets DNS - Let service contact itself via DNS
Kubernetes equivalent of env-file in Dockerrequests.get(url) return error code 404 from kubernetes api while the response could be get via curl/GETKubectl apply for a deployment with revHistoryLimit 0 does not delete the old replica set, here is my deploment templateKubernetes kube-dns TLS certificate validationHow to start a pod in command line without deployment in kubernetes?Forbidden: updates to statefulset spec for fields other than 'replicas', 'template', and 'updateStrategy' are forbiddenHow to mount a volume with a windows container in kubernetes?Share nfs volume between kubernetes clustersKubernetes - How to acces to service from a web server in pod with a rest requestKubernetes service not able to curl itself inside docker
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
Pods in a kubernetes cluster can be reached by sending network requests to the dns of a service that they are a member of. Network requests have to be send to [service].[namespace].svc.cluster.local and get load balanced between all members of that service.
This works fine to let some pod reach another pod, but it fails if a pod tries to reach itself via a service that he's a member of. It always results in a timeout.
Is this a bug in Kubernetes (in my case minikube v0.35.0) or is some additional configuration required?
Here's some debug info:
Let's contact the service from some other pod. This works fine:
daemon@auth-796d88df99-twj2t:/opt/docker$ curl -v -X POST -H "Accept: application/json" --data '' http://message-service.message.svc.cluster.local:9000/message/get-messages
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* Connected to message-service.message.svc.cluster.local (10.107.209.9) port 9000 (#0)
> POST /message/get-messages HTTP/1.1
> Host: message-service.message.svc.cluster.local:9000
> User-Agent: curl/7.52.1
> Accept: application/json
> Content-Length: 2
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 2 out of 2 bytes
< HTTP/1.1 401 Unauthorized
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'self'
< X-Permitted-Cross-Domain-Policies: master-only
< Date: Wed, 20 Mar 2019 04:36:51 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 12
<
* Curl_http_done: called premature == 0
* Connection #0 to host message-service.message.svc.cluster.local left intact
Unauthorized
Now we try to let the pod contact the service that he's a member of:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* connect to 10.107.209.9 port 9000 failed: Connection timed out
* Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
If I've read the curl debug log correctly, the dns resolves to the ip address 10.107.209.9. The pod can be reached from any other pod via that ip but the pod cannot use it to reach itself.
Here are the network interfaces of the pod that tries to reach itself:
daemon@message-58466bbc45-lch9j:/opt/docker$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/sit 0.0.0.0 brd 0.0.0.0
296: eth0@if297: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:09 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.9/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
Here is the kubernetes file deployed to minikube:
apiVersion: v1
kind: Namespace
metadata:
name: message
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: message
name: message
namespace: message
spec:
replicas: 1
selector:
matchLabels:
app: message
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: message
spec:
containers:
- name: message
image: message-impl:0.1.0-SNAPSHOT
imagePullPolicy: Never
ports:
- name: http
containerPort: 9000
protocol: TCP
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KAFKA_KUBERNETES_NAMESPACE
value: kafka
- name: KAFKA_KUBERNETES_SERVICE
value: kafka-svc
- name: CASSANDRA_KUBERNETES_NAMESPACE
value: cassandra
- name: CASSANDRA_KUBERNETES_SERVICE
value: cassandra
- name: CASSANDRA_KEYSPACE
value: service_message
---
# Service for discovery
apiVersion: v1
kind: Service
metadata:
name: message-service
namespace: message
spec:
ports:
- port: 9000
protocol: TCP
selector:
app: message
---
# Expose this service to the api gateway
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: message
namespace: message
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: api.fload.cf
http:
paths:
- path: /message
backend:
serviceName: message-service
servicePort: 9000
kubernetes dns kube-proxy asked Mar 24 at 17:06
AkiAki
1,138215
add a comment |
Pods in a kubernetes cluster can be reached by sending network requests to the dns of a service that they are a member of. Network requests have to be send to [service].[namespace].svc.cluster.local and get load balanced between all members of that service.
This works fine to let some pod reach another pod, but it fails if a pod tries to reach itself via a service that he's a member of. It always results in a timeout.
Is this a bug in Kubernetes (in my case minikube v0.35.0) or is some additional configuration required?
Here's some debug info:
Let's contact the service from some other pod. This works fine:
daemon@auth-796d88df99-twj2t:/opt/docker$ curl -v -X POST -H "Accept: application/json" --data '' http://message-service.message.svc.cluster.local:9000/message/get-messages
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* Connected to message-service.message.svc.cluster.local (10.107.209.9) port 9000 (#0)
> POST /message/get-messages HTTP/1.1
> Host: message-service.message.svc.cluster.local:9000
> User-Agent: curl/7.52.1
> Accept: application/json
> Content-Length: 2
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 2 out of 2 bytes
< HTTP/1.1 401 Unauthorized
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'self'
< X-Permitted-Cross-Domain-Policies: master-only
< Date: Wed, 20 Mar 2019 04:36:51 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 12
<
* Curl_http_done: called premature == 0
* Connection #0 to host message-service.message.svc.cluster.local left intact
Unauthorized
Now we try to let the pod contact the service that he's a member of:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* connect to 10.107.209.9 port 9000 failed: Connection timed out
* Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
If I've read the curl debug log correctly, the dns resolves to the ip address 10.107.209.9. The pod can be reached from any other pod via that ip but the pod cannot use it to reach itself.
Here are the network interfaces of the pod that tries to reach itself:
daemon@message-58466bbc45-lch9j:/opt/docker$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/sit 0.0.0.0 brd 0.0.0.0
296: eth0@if297: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:09 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.9/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
Here is the kubernetes file deployed to minikube:
apiVersion: v1
kind: Namespace
metadata:
name: message
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: message
name: message
namespace: message
spec:
replicas: 1
selector:
matchLabels:
app: message
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: message
spec:
containers:
- name: message
image: message-impl:0.1.0-SNAPSHOT
imagePullPolicy: Never
ports:
- name: http
containerPort: 9000
protocol: TCP
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KAFKA_KUBERNETES_NAMESPACE
value: kafka
- name: KAFKA_KUBERNETES_SERVICE
value: kafka-svc
- name: CASSANDRA_KUBERNETES_NAMESPACE
value: cassandra
- name: CASSANDRA_KUBERNETES_SERVICE
value: cassandra
- name: CASSANDRA_KEYSPACE
value: service_message
---
# Service for discovery
apiVersion: v1
kind: Service
metadata:
name: message-service
namespace: message
spec:
ports:
- port: 9000
protocol: TCP
selector:
app: message
---
# Expose this service to the api gateway
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: message
namespace: message
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: api.fload.cf
http:
paths:
- path: /message
backend:
serviceName: message-service
servicePort: 9000
asked Mar 24 at 17:06
AkiAki
1,138215
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42
add a comment |
Pods in a kubernetes cluster can be reached by sending network requests to the dns of a service that they are a member of. Network requests have to be send to [service].[namespace].svc.cluster.local and get load balanced between all members of that service.
This works fine to let some pod reach another pod, but it fails if a pod tries to reach itself via a service that he's a member of. It always results in a timeout.
Is this a bug in Kubernetes (in my case minikube v0.35.0) or is some additional configuration required?
Here's some debug info:
Let's contact the service from some other pod. This works fine:
daemon@auth-796d88df99-twj2t:/opt/docker$ curl -v -X POST -H "Accept: application/json" --data '' http://message-service.message.svc.cluster.local:9000/message/get-messages
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* Connected to message-service.message.svc.cluster.local (10.107.209.9) port 9000 (#0)
> POST /message/get-messages HTTP/1.1
> Host: message-service.message.svc.cluster.local:9000
> User-Agent: curl/7.52.1
> Accept: application/json
> Content-Length: 2
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 2 out of 2 bytes
< HTTP/1.1 401 Unauthorized
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'self'
< X-Permitted-Cross-Domain-Policies: master-only
< Date: Wed, 20 Mar 2019 04:36:51 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 12
<
* Curl_http_done: called premature == 0
* Connection #0 to host message-service.message.svc.cluster.local left intact
Unauthorized
Now we try to let the pod contact the service that he's a member of:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* connect to 10.107.209.9 port 9000 failed: Connection timed out
* Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
If I've read the curl debug log correctly, the dns resolves to the ip address 10.107.209.9. The pod can be reached from any other pod via that ip but the pod cannot use it to reach itself.
Here are the network interfaces of the pod that tries to reach itself:
daemon@message-58466bbc45-lch9j:/opt/docker$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/sit 0.0.0.0 brd 0.0.0.0
296: eth0@if297: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:09 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.9/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
Here is the kubernetes file deployed to minikube:
apiVersion: v1
kind: Namespace
metadata:
name: message
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: message
name: message
namespace: message
spec:
replicas: 1
selector:
matchLabels:
app: message
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: message
spec:
containers:
- name: message
image: message-impl:0.1.0-SNAPSHOT
imagePullPolicy: Never
ports:
- name: http
containerPort: 9000
protocol: TCP
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KAFKA_KUBERNETES_NAMESPACE
value: kafka
- name: KAFKA_KUBERNETES_SERVICE
value: kafka-svc
- name: CASSANDRA_KUBERNETES_NAMESPACE
value: cassandra
- name: CASSANDRA_KUBERNETES_SERVICE
value: cassandra
- name: CASSANDRA_KEYSPACE
value: service_message
---
# Service for discovery
apiVersion: v1
kind: Service
metadata:
name: message-service
namespace: message
spec:
ports:
- port: 9000
protocol: TCP
selector:
app: message
---
# Expose this service to the api gateway
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: message
namespace: message
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: api.fload.cf
http:
paths:
- path: /message
backend:
serviceName: message-service
servicePort: 9000
asked Mar 24 at 17:06
AkiAki
1,138215
Pods in a kubernetes cluster can be reached by sending network requests to the dns of a service that they are a member of. Network requests have to be send to [service].[namespace].svc.cluster.local and get load balanced between all members of that service.
This works fine to let some pod reach another pod, but it fails if a pod tries to reach itself via a service that he's a member of. It always results in a timeout.
Is this a bug in Kubernetes (in my case minikube v0.35.0) or is some additional configuration required?
Here's some debug info:
Let's contact the service from some other pod. This works fine:
daemon@auth-796d88df99-twj2t:/opt/docker$ curl -v -X POST -H "Accept: application/json" --data '' http://message-service.message.svc.cluster.local:9000/message/get-messages
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* Connected to message-service.message.svc.cluster.local (10.107.209.9) port 9000 (#0)
> POST /message/get-messages HTTP/1.1
> Host: message-service.message.svc.cluster.local:9000
> User-Agent: curl/7.52.1
> Accept: application/json
> Content-Length: 2
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 2 out of 2 bytes
< HTTP/1.1 401 Unauthorized
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'self'
< X-Permitted-Cross-Domain-Policies: master-only
< Date: Wed, 20 Mar 2019 04:36:51 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 12
<
* Curl_http_done: called premature == 0
* Connection #0 to host message-service.message.svc.cluster.local left intact
Unauthorized
Now we try to let the pod contact the service that he's a member of:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.107.209.9...
* TCP_NODELAY set
* connect to 10.107.209.9 port 9000 failed: Connection timed out
* Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to message-service.message.svc.cluster.local port 9000: Connection timed out
If I've read the curl debug log correctly, the dns resolves to the ip address 10.107.209.9. The pod can be reached from any other pod via that ip but the pod cannot use it to reach itself.
Here are the network interfaces of the pod that tries to reach itself:
daemon@message-58466bbc45-lch9j:/opt/docker$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/sit 0.0.0.0 brd 0.0.0.0
296: eth0@if297: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:09 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.9/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
Here is the kubernetes file deployed to minikube:
apiVersion: v1
kind: Namespace
metadata:
name: message
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: message
name: message
namespace: message
spec:
replicas: 1
selector:
matchLabels:
app: message
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: message
spec:
containers:
- name: message
image: message-impl:0.1.0-SNAPSHOT
imagePullPolicy: Never
ports:
- name: http
containerPort: 9000
protocol: TCP
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KAFKA_KUBERNETES_NAMESPACE
value: kafka
- name: KAFKA_KUBERNETES_SERVICE
value: kafka-svc
- name: CASSANDRA_KUBERNETES_NAMESPACE
value: cassandra
- name: CASSANDRA_KUBERNETES_SERVICE
value: cassandra
- name: CASSANDRA_KEYSPACE
value: service_message
---
# Service for discovery
apiVersion: v1
kind: Service
metadata:
name: message-service
namespace: message
spec:
ports:
- port: 9000
protocol: TCP
selector:
app: message
---
# Expose this service to the api gateway
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: message
namespace: message
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: api.fload.cf
http:
paths:
- path: /message
backend:
serviceName: message-service
servicePort: 9000
asked Mar 24 at 17:06
AkiAki
1,138215
asked Mar 24 at 17:06
AkiAki
1,138215
edited Mar 25 at 16:14
Aki
asked Mar 24 at 17:06
AkiAki
1,138215
asked Mar 24 at 17:06
AkiAki
1,138215
asked Mar 24 at 17:06
AkiAki
1,138215
1,138215
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42
add a comment |
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42
add a comment |
1 Answer
1
active
oldest
votes
This is a known minikube issue. The discussion contains the following workarounds:
1) Try:
minikube ssh
sudo ip link set docker0 promisc on
2) Use a headless service: clusterIP: None
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55326310%2fkubernets-dns-let-service-contact-itself-via-dns%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is a known minikube issue. The discussion contains the following workarounds:
1) Try:
minikube ssh
sudo ip link set docker0 promisc on
2) Use a headless service: clusterIP: None
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
add a comment |
This is a known minikube issue. The discussion contains the following workarounds:
1) Try:
minikube ssh
sudo ip link set docker0 promisc on
2) Use a headless service: clusterIP: None
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
add a comment |
This is a known minikube issue. The discussion contains the following workarounds:
1) Try:
minikube ssh
sudo ip link set docker0 promisc on
2) Use a headless service: clusterIP: None
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
This is a known minikube issue. The discussion contains the following workarounds:
1) Try:
minikube ssh
sudo ip link set docker0 promisc on
2) Use a headless service: clusterIP: None
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
answered May 13 at 8:51
BartoszKPBartoszKP
27.3k1073109
27.3k1073109
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55326310%2fkubernets-dns-let-service-contact-itself-via-dns%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Just curious to know , why are you trying to achieve the communication this way, isnt a simple localhost working or not good enough
– fatcook
Mar 25 at 5:14
I have client implementations for each api of each microservice. They know the namespace and service name and use that to contact the corresponding api via dns. Telling these clients whether they are contacting a service that their containing container hosts is not so easy since they use scala singleton objects.
– Aki
Mar 25 at 5:35
That's odd - this works fine for me (running on a "real" cluster though, not minikube). How are you defining the service? Is it headless?
– PoweredByOrange
Mar 25 at 14:11
@PoweredByOrange I've attached the deployed .yml file to the question
– Aki
Mar 25 at 14:42