问题描述

我正在默认命名空间中运行群集，并且所有Pod都处于运行"状态.

I am running a cluster in default namespace with all the pods in Running state.

我有一个问题，我正在尝试使用Pod主机名'abcd-7988b76669-lgp8l'从一个Pod远程登录到另一个Pod，但无法连接.尽管如果我使用pods内部IP，它会起作用.为什么dns无法解析?

I have an issue, I am trying to telnet from one pod to another pod using the pod hostname 'abcd-7988b76669-lgp8l' but I am not able to connect. although it works if I use pods internal ip. Why does the dns is not resolved?

我看着

kubectl get po -n kube-system
NAME                          READY   STATUS    RESTARTS   AGE
coredns-6955765f44-5lpfd      1/1     Running   0          12h
coredns-6955765f44-9cvnb      1/1     Running   0          12h

任何人都知道如何使用主机名解析从一个Pod连接到另一个Pod吗?

Anybody has any idea how to connect from one pod to another using hostname resolution ?

推荐答案

首先值得一提的是，通常您不会使用其域名连接到各个Pods.原因是他们短暂的天性.请注意，通常您不创建简单的Pods，而是创建部署，用于管理您的Pods并确保特定数量的特定类型的Pods不断运行. Pods可能经常被删除和重新创建，因此您不应在应用程序中依赖它们的域名.通常，您会将它们公开给其他应用，例如通过服务在其他Pods中运行.尽管不建议使用单独的Pod域名，但仍然可以使用.您可以只是出于娱乐或学习/实验目的而做.

First of all it is worth mentioning that typically you won't connect to individual Pods using their domain names. One good reason for that is their ephemeral nature. Note that typically you don't create plain Pods but controller such as Deployment which manages your Pods and ensures that specific number of Pods of a certain kind is constantly up and running. Pods may be often deleted and recreated hence you should never rely on their domain names in your applications. Typically you will expose them to another apps e.g. running in other Pods via Service.Although using invididual Pod's domain name is not recommended, it is still possible. You can do it just for fun or learning/experimenting purposes.

如@David所述，如果您编辑问题并提供一些重要的详细信息，它们将为您提供全面的答案，这将为我们提供更多帮助，显示出您已经尝试过的内容，例如Pods和Services定义格式为yaml.

As @David already mentioned you would help us much more in providing you a comprehensive answer if you EDIT your question and provide a few important details, showing what you've tried already such as your Pods and Services definitions in yaml format.

从字面上回答您在标题中张贴的问题:

Answering literally to your question posted in the title:

仅使用主机名，您将无法连接到Pod.您可以例如通过简单地ping <service-name>(假设它与ping来源的Pod在同一namespace中)， ping 通过ClusterIP Service暴露的后端Pods.

You won't be able to connect to a Pod using simply its hostname. You can e.g. ping your backend Pods exposed via ClusterIP Service by simply pinging the <service-name> (provided it is in the same namespace as the Pod your pinging from).

请记住，不适用于Pods -群集DNS都无法解析 Pods名称或其主机名.

Keep in mind however that it doesn't work for Pods - neither Pods names nor their hostnames are resolvable by cluster DNS.

您应该能够使用其完全限定域名(FQDN)连接到单个Pod，前提是您已正确配置了所有内容.只要确保您没有忽略这里:

You should be able to connect to an individual Pod using its fully quallified domain name (FQDN) provided you have configured everything properly. Just make sure you didn't overlook any of the steps described here:

请确保您已经创建了一个简单的无头服务可能看起来像这样:

Make sure you've created a simple Headless Service which may look like this:

apiVersion: v1
kind: Service
metadata:
  name: default-subdomain
spec:
  selector:
    name: busybox
  clusterIP: None

确保您的Pods定义不缺少任何重要细节:

Make sure that your Pods definitions didn't lack any important details:

apiVersion: v1
kind: Pod
metadata:
  name: busybox1
  labels:
    name: busybox
spec:
  hostname: busybox-1
  subdomain: default-subdomain
  containers:
  - image: busybox:1.28
    command:
      - sleep
      - "3600"
    name: busybox
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox2
  labels:
    name: busybox
spec:
  hostname: busybox-2
  subdomain: default-subdomain
  containers:
  - image: busybox:1.28
    command:
      - sleep
      - "3600"
    name: busybox

在谈到重要细节时，要特别注意您正确定义了Pod规范中的hostname和subdomain，并且Pods使用的labels与Service的使用的标签相匹配. selector .

Speaking about important details, pay special attention that you correctly defined hostname and subdomain in Pod specification and that labels used by Pods match the labels used by Service's selector.

所有内容配置正确后，您就可以使用其 FQDN附加到Pod busybox1 和ping Pod busybox2 strong>如以下示例所示:

Once everything is configured properly you will be able to attach to Pod busybox1 and ping Pod busybox2 by using its FQDN like in the example below:

$ kubectl exec -ti busybox1 -- /bin/sh
/ # ping busybox-2.default-subdomain.default.svc.cluster.local
PING busybox-2.default-subdomain.default.svc.cluster.local (10.16.0.109): 56 data bytes
64 bytes from 10.16.0.109: seq=0 ttl=64 time=0.051 ms
64 bytes from 10.16.0.109: seq=1 ttl=64 time=0.082 ms
64 bytes from 10.16.0.109: seq=2 ttl=64 time=0.081 ms

我希望这会有所帮助.