OpenShift route accessible from outside the PAAS but not from a client inside the PAAS

5/17/2018

Inside the same openshift project, I have an application1 (APP1) in POD1 and another application (APP2) in POD2.
Both these applications are offering REST API services. These 2 applications are accesible using 2 differents openshift route.

Acessing the two applications from outside the PAAS (openshift) is working fine: meaning doing a CURL to APP1/APP2 using openhsift route from a client outside the PAAS is working.

But when APP1 in POD1 is targeeting the REST service offered by APP2 in POD2 using APP2's openshift route. It is failing.
Similarly doing a CURL from APP1's container (using oc rsh) to APP2 using openshift route is failing.

However if APP1 is deployed outside this PAAS, the client call to APP2 using open shift route is working.
Similarly doing a CURL to APP2 using openshift route is working fine from outside the PAAS.

Also if I use service PAAS internal IP/PORT (10.224.x.y), this will solve the issue. But implies to use two different adresses depending if we target APP2 from inside or outside the PAAS.

So the question is how to make an openshift route visible from inside and outside the PAAS?

Or is is there an alternative way to share same hostname/port to access APP2 from inside and outside the PAAS?

-- scoulomb
kubernetes
networking
openshift
paas

1 Answer

5/18/2018

You may want to have a look at:

https://docs.openshift.com/container-platform/3.7/architecture/networking/networking.html

For internal communication it is sufficient to use the name of the service (in your case use app1-svc in app2 to communicate with app1). You can find the name of your service when you visit the routes view - the column "Routes To" shows you the service name.

How services work and how they are configured is explained here in detail:

https://docs.openshift.com/container-platform/3.7/architecture/core_concepts/pods_and_services.html#services

-- M0nt3c1t0
Source: StackOverflow