I am currently working with Kubernetes on Google Cloud with a microservice architecture. Where in a cluster I have different Pods and each of them can communicate with the others via curl using a ClusterIp.
My problem is that I need an endpoint of one of these pods to be called from time to time using the ClusterIp. For this I created a CronJob which curls the endpoint of the pod, but it always returns:
curl: (7) Failed to connect to xx.xx.xx.xx port 8080: Connection refusedThis is the yaml of the cronJob.
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cronjob-test # name of the CronJob
spec:
schedule: "*/1 * * * *" # run every minute
concurrencyPolicy: Replace
jobTemplate:
spec:
template:
spec:
containers:
- name: cronjob-test
image: appropriate/curl
args:
- /bin/sh
- -c
- curl -X POST http://${CLUSTER_IP}:${CLUSTER_PORT}/api/test/
restartPolicy: NeverI met the same problem. After I disabled the istio sidecar injection by adding label istio-injection=disabled to the namespace. It all works fine.
In my opinion, dns-pod-service contains the solution what you need.
Here, you can find the FQDN for services if you want to use services. You can also find the FQDN name for pods (with/without headless service), if you use pods.
istio-proxy sidecar is VERY slow to start up in comparison to your workload, in which only alpine is included.
This will lead to problems when your workload is already sending out requests, whereas istio-proxy is not yet ready, or even not yet registered in Pilot. This is why it works if you sleep 10 before actually sending out the requests.