K
Q

Kubernetes ExternalName service not visible in DNS

9/16/2018

I'm trying to expose a single database instance as a service in two Kubernetes namespaces. Kubernetes version 1.11.3 running on Ubuntu 16.04.1. The database service is visible and working in the default namespace. I created an ExternalName service in a non-default namespace referencing the fully qualified domain name in the default namespace as follows:

kind: Service
apiVersion: v1
metadata:
  name: ws-mysql
  namespace: wittlesouth
spec:
  type: ExternalName
  externalName: mysql.default.svc.cluster.local
  ports:
  - port: 3306

The service is running:

eric$ kubectl describe service ws-mysql --namespace=wittlesouth
Name:              ws-mysql
Namespace:         wittlesouth
Labels:            <none>
Annotations:       <none>
Selector:          <none>
Type:              ExternalName
IP:                
External Name:     mysql.default.svc.cluster.local
Port:              <unset>  3306/TCP
TargetPort:        3306/TCP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

If I check whether the service can be found by name from a pod running in the wittlesouth namespace, this service name does not resolve, but other services in that namespace (i.e. Jira) do:

root@rs-ws-diags-8mgqq:/# nslookup mysql.default.svc.cluster.local
Server:     10.96.0.10
Address:    10.96.0.10#53

Name:   mysql.default.svc.cluster.local
Address: 10.99.120.208

root@rs-ws-diags-8mgqq:/# nslookup ws-mysql.wittlesouth
Server:     10.96.0.10
Address:    10.96.0.10#53

*** Can't find ws-mysql.wittlesouth: No answer

root@rs-ws-diags-8mgqq:/# nslookup ws-mysql            
Server:     10.96.0.10
Address:    10.96.0.10#53

*** Can't find ws-mysql: No answer

root@rs-ws-diags-8mgqq:/# nslookup ws-mysql.wittlesouth
Server:     10.96.0.10
Address:    10.96.0.10#53

*** Can't find ws-mysql.wittlesouth: No answer

root@rs-ws-diags-8mgqq:/# nslookup ws-mysql.wittlesouth.svc.cluster.local
Server:     10.96.0.10
Address:    10.96.0.10#53

*** Can't find ws-mysql.wittlesouth.svc.cluster.local: No answer

root@rs-ws-diags-8mgqq:/# nslookup ws-mysql.wittlesouth
Server:     10.96.0.10
Address:    10.96.0.10#53

*** Can't find ws-mysql.wittlesouth: No answer

root@rs-ws-diags-8mgqq:/# nslookup jira.wittlesouth
Server:     10.96.0.10
Address:    10.96.0.10#53

Name:   jira.wittlesouth.svc.cluster.local
Address: 10.105.30.239

Any thoughts on what might be the issue here? For the moment I've worked around it by updating applications that need to use the database to reference the fully qualified domain name of the service running in the default namespace, but I'd prefer to avoid that. My intent eventually is to have the namespaces have separate database instances, and would like to deploy apps configured to work that way now in advance of actually standing up the second instance.

-- E. Wittle
kubernetes

Similar Questions

Should all pods using a redis cache be constrained to the same node as the rediscache itself?
Kubernetes: find Java application specific logs in one pod when application crashes
PDO establishing connection to Azure PostgreSQL is very slow
How access variable declared earlier in same cloudbuild.yaml file
Advertised kafka connect rest listener on K8s
Couldn&#39;t Make Django Talk with Postgres in k8s
What is the appropriate coredns config using calico?
kubectl error while connecting to Rancher Kube API server behind nginx
distribute database data to .net microservice replicas
Start two jars into same kubernetes container sequentially
How to specify selector for kubectl service creation?
With Helm 3 and K8s cluster w/RBAC (X509 certs), what permissions does Helm need? I think it creates ConfigMaps for release info?

1 Answer

9/17/2018

This doesn't work for me with Kubernetes 1.11.2 with coredns and calico. It works only if you reference the external service directly in whichever namespace it runs:

$ kubectl get pods -n default
NAME      READY     STATUS    RESTARTS   AGE
mysql-0   2/2       Running   0          17m
mysql-1   2/2       Running   0          16m

$ kubectl get pods -n wittlesouth
NAME              READY     STATUS    RESTARTS   AGE
ricos-dummy-pod   1/1       Running   0          14s

kubectl exec -it ricos-dummy-pod -n wittlesouth bash
root@ricos-dummy-pod:/# ping mysql.default.svc.cluster.local
PING mysql.default.svc.cluster.local (192.168.1.40): 56 data bytes
64 bytes from 192.168.1.40: icmp_seq=0 ttl=62 time=0.578 ms
64 bytes from 192.168.1.40: icmp_seq=1 ttl=62 time=0.632 ms
64 bytes from 192.168.1.40: icmp_seq=2 ttl=62 time=0.628 ms
^C--- mysql.default.svc.cluster.local ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.578/0.613/0.632/0.025 ms
root@ricos-dummy-pod:/# ping ws-mysql
ping: unknown host
root@ricos-dummy-pod:/# exit

$ kubectl get svc mysql
NAME      TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
mysql     ClusterIP   None         <none>        3306/TCP   45d

$ kubectl describe svc mysql
Name:              mysql
Namespace:         default
Labels:            app=mysql
Annotations:       <none>
Selector:          app=mysql
Type:              ClusterIP
IP:                None
Port:              mysql  3306/TCP
TargetPort:        3306/TCP
Endpoints:         192.168.1.40:3306,192.168.2.25:3306
Session Affinity:  None
Events:            <none>

The ExternalName service feature is only supported using kube-dns as per the docs and Kubernetes 1.11.x defaults to coredns. You might want to try changing from coredns to kube-dns or possibly changing the configs for your coredns deployment. I expect this to available at some point using coredns.

-- Rico
Source: StackOverflow