Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Kubernetes: How to allow two pods running in same/different namespace communicate irrespective of the protocol using a servicename?

Tags:

kubernetes

kubernetes-service

kubernetes-networkpolicy

Allow two pods (say pod A and B) running in same/different namespace communicate irrespective of the protocol(say http,https,akka.tcp) along with a valid Network policy applied.

Solutions tried:

  1. Tried applying network policy to both the pods and also used the service name: “my-svc.my-namespace.svc.cluster.local” to make pod B communicate to pod A which is running the service “my-svc” but both failed to communicate.

  2. Also tried adding the IP address and host mapping of pod A in pod B while it’s deployment, then pod B was able to communicate to pod A but inverse communication is failing.

Kindly suggest me a way to fix this.

like image 486
Harsha G V Avatar asked Sep 19 '19 11:09

Harsha G V

People also ask

Can pods in different namespaces communicate?

A Pod can communicate with another Pod by directly addressing its IP address, but the recommended way is to use Services. A Service is a set of Pods, which can be reached by a single, fixed DNS name or IP address. In reality, most applications on Kubernetes use Services as a way to communicate with each other.

Can 2 pods communicate in Kubernetes?

Kubernetes assumes that pods can communicate with other pods, regardless of which host they land on. Kubernetes gives every pod its own cluster-private IP address, so you do not need to explicitly create links between pods or map container ports to host ports.

How do two containers in the same pod communicate?

Containers in a Pod share the same IPC namespace, which means they can also communicate with each other using standard inter-process communications such as SystemV semaphores or POSIX shared memory. Containers use the strategy of the localhost hostname for communication within a Pod.

Can we run containers of same pod on different nodes?

In a pre-container world, they would have run on the same physical or virtual machine. Pods are tied to the Node where they are deployed and remain there until termination (according to restart policy) or deletion. In case of a Node failure, new identical Pods will be deployed on other available Nodes.

1 Answers

By default, pods can communicate with each other by their IP address, regardless of the namespace they're in.

You can see the IP address of each pod with:

kubectl get pods -o wide --all-namespaces

However, the normal way to communicate within a cluster is through Service resources.

A Service also has an IP address and additionally a DNS name. A Service is backed by a set of pods. The Service forwards requests to itself to one of the backing pods.

The fully qualified DNS name of a Service is:

<service-name>.<service-namespace>.svc.cluster.local

This can be resolved to the IP address of the Service from anywhere in the cluster (regardless of namespace).

For example, if you have:

  • Namespace ns-a: Service svc-a → set of pods A
  • Namespace ns-b: Service svc-b → set of pods B

Then a pod of set A can reach a pod of set B by making a request to:

svc-b.ns-b.svc.cluster.local
like image 120
weibeld Avatar answered Sep 19 '22 16:09

weibeld
Sign in to Comment

Related questions

How to access PersistentVolume files on docker-for-desktop?
What is the default memory allocated for a pod
How to get the id of the run from within a component?
Kubernetes: How to pass pipe character in readiness probe command
pods is forbidden: User "system:serviceaccount:kubernetes-dashboard:admin-user" cannot list resource "pods" in API group "" in the namespace "default"
Error: UPGRADE FAILED: failed to replace object: Service "api" is invalid: spec.clusterIP: Invalid value: "": field is immutable
Kubernetes: How to set boolean type variable in configMap
1 pod has unbound immediate PersistentVolumeClaims on Minikube
Docker container with non-root user deployed in Google Container Engine can not write to mounted GCE Persistent disk
Kubernetes simple authentication
how to change existing kubernetes aws cluster with kops (change nodes type)
NodePort services not available on all nodes
How to add flag to Kubernetes controller manager
Kubernetes, VolumeMounts a file, not a directory
How to have multiple kubernetes config and change quicky between them
How to fix "Http11NioProtocol: Error reading request, ignored"
Minikube won't work after Ubuntu upgrade to 19.10
Kubernetes Ingress: Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io"
How to integrate Kubernetes with Gitlab
Update Node Selector field for PODs on the fly

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!