I have a service that, in some contexts, sends requests to itself. I can reach the service from outside the cluster, but the self-requests fail (time-out).

Environment:

• minikube v0.34.1
• Linux version 4.15.0 (jenkins@jenkins) (gcc version 7.3.0 (Buildroot 2018.05)) #1 SMP Fri Feb 15 19:27:06 UTC 2019

I've been using https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/#a-pod-cannot-reach-itself-via-service-ip as a troubleshooting guide, but I'm down the step that says "seek help".

Troubleshooting results:

journalctl -u kubelet | grep -i hairpin  
Feb 26 19:57:10 minikube kubelet[3066]: W0226 19:57:10.124151    3066 docker_service.go:540] Hairpin mode set to "promiscuous-bridge" but kubenet is not enabled, falling back to "hairpin-veth"  
Feb 26 19:57:10 minikube kubelet[3066]: I0226 19:57:10.124295    3066 docker_service.go:236] Hairpin mode set to "hairpin-veth" 

The troubleshooting guide indicates that "hairpin-veth" is OK.

for intf in /sys/devices/virtual/net/docker0/brif/veth*; do cat $intf/hairpin_mode; done
0
...
0

Note that the guide used /sys/devices/virtual/net/cbr0/brif/*, but in this version of minikube, the path is /sys/devices/virtual/net/docker0/brif/veth*. I'd like to understand why the paths are different, but it appears that hairpin_mode is not enabled.

The next step in the guide is: Seek help if none of above works out.

1. Am I correct in believing that I need to enable hairpin_mode?
2. If so, how do I do so?