4

If I have 2 pods is there a way for them to talk to each other without any other resource created and used?

The question goes for the both situations - if they are in the same namespace or in different ones.

Jonas
  • 121,568
  • 97
  • 310
  • 388
LIvanov
  • 1,126
  • 12
  • 30
  • https://stackoverflow.com/questions/54949522/how-to-implement-kubernetes-pod-to-pod-communication it may helpful – Shree Prakash Oct 09 '19 at 07:22
  • Thanks, but still doesn't answer my question. I am trying to figure out if I can do pod-pod directly. No other resources involved. I am just trying to prove a point, not gonna use it in production, so not looking for best practices :) – LIvanov Oct 09 '19 at 07:38

3 Answers3

4

Yes, they can!

Assuming you don't have any network policies restricting the calls, it just need to know its DNS name, this is how it works:

  • the cluster must have DNS enabled
  • if the pods are manually create on the same namespace(not via deployment), you just need make a call to the podname that act as the host.
    • POD1 running on namespace NS1 exposing the container port 31333
    • POD2 running on namespace NS1
    • POD2 call POD1 via http://POD1:31333
  • if the pods are on different namespaces, you need to include the namespace to the host.
    • POD1 running on namespace NS1 exposing the container port 31333
    • POD2 running on namespace NS2
    • POD2 call POD1 via http://POD1.NS1:31333
  • if the pod is being created by a deployment, it's name is dynamic, is hard to predic, in this case, you need a service to expose the pods to others by using a common name(the service)
    • DEPLOYMENT1 deployed to namespace NS1 will create a pod with following format deploymentname-hash(example: DEPLOYMENT1-f82hsh)
    • DEPLOYMENT1-f82hsh is the pod created by the deployment and is running on namespace NS1, created exposing the container port 31333
    • POD2 running on namespace NS2
    • POD2 could call DEPLOYMENT1-f82hsh via http://DEPLOYMENT1-f82hsh.NS1:31333, but because the name is dynamic, at any time it could change to something else and break POD2
    • The solution is deploy service SVC1 that forward requests to DEPLOYMENT1 pods
    • POD2 then call http://SVC1:31333 that will forward the call to DEPLOYMENT1-f82hsh or whatever pod is available in the DEPLOYMENT1.

The scenarios above assume you haven't set the hostname neither subdomain in the pod and is using the default configuration.

In more advanced scenarios you would also use the cluster dns suffix to call these services. The following docs describes everything in more details https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/

Diego Mendes
  • 10,631
  • 2
  • 32
  • 36
  • 1
    So I guess the cluster I am operating in has some limitations since a pod cannot resolve another pod's name. Anyway, thanks for the info. – LIvanov Oct 09 '19 at 10:21
  • check if the DNS is up and running, also try to attach to one of the container and try to call the other by it's IP, if you can't do it this way, something is preventing one to talk to the other. – Diego Mendes Oct 09 '19 at 14:06
1

I would answer yes to your question... There is multiple question to speak to a service like the one ShreePrakash gave you and the same can be apply to a pod.

Here is another question in relation: 2 Kubernetes pod communicating without knowing the exposed address

This answers your question as you should be able to do the same with PODNAME.PODNAMESPACE:PORT and it should work.

Now why is it not done? Simply because pod have a random ID added to their names at creation (something like: nginx-ingress-1234456) and if it crashes and get recreates the name won't be the same. That applies to stateless apps, you may be able to deduct the name of the pod in a stateful state with only one pod...

That is why services are used to make it easier to target pod as their names is the one you declared on creation.

Hope this helps.

night-gold
  • 2,202
  • 2
  • 20
  • 31
  • `Ports: 8153/TCP, 8154/TCP`, `Host Ports: 0/TCP, 0/TCP`. This is my pod configuration and I cannot access it from another pod either within the same namespace or from another one. I am getting `cannot resolve host` when I curl it. Should I have Host Ports ? – LIvanov Oct 09 '19 at 07:54
  • `curl my-pod-5678b96b44-flbhk.myns:8153` – LIvanov Oct 09 '19 at 09:28
1

The only way for the pod to call directly another pod is by using its IP address. According to official K8s docs, there is only one pod DNS resolution and it includes the IP address too, for example:

172-17-0-3.default.pod.cluster.local

So, the solution is to use Downward API to let the pod know its IP from the environment variable:

   env:
   - name: POD_IP
     valueFrom:
       fieldRef:
         fieldPath: status.podIP

and then in your app (running in the pod), you need to pass this IP address somehow to other pods.

Vlad Rudenko
  • 2,363
  • 1
  • 24
  • 24