Resolving Kubernetes Pods IP addresses
Spider now resolves Kubernetes PODs' IP addresses with the Kube API.
Story
Going Whisperers on Kube worked out of the box... or almost!
In fact, the Kubernetes CoreDNS team decided that they would not keep track of PODs' own IP addresses in the Kube DNS, for many good reasons. See here and there for instance.
As a result, on Spider, only the services were resolved :( That was ugly!!
And this greatly delayed understanding what talks to what, for service discovery and troubleshooting!
It deserved a solution :)
As no plugin for CoreDNS exists to extend its features this way, I decided to ask the Kube API for PODs' IPs and names. The latter is easily accessible from inside any container!
Every five minutes, the Whisperer asks for the list of PODs in its namespace and builds a fake FQDN with the pod and namespace names.
Result
All unknown IPs used by PODs that were calling others in the system are now resolved. :)
Searching the communications and reading the map is now much easier:
Before
After
You can also see that the team made some effort to solve configuration issues: much less red than before! ;-)
How
On your side, nothing to do, that's all managed by the Whisperer :-O
- It detects automatically that it is running in a Kubernetes environment.
- It then calls the Kubernetes API to get the names and IPs of all PODs in the same namespace.
- When getting an IP to resolve, the Whisperer first checks against its Kube known IPs, and only calls the DNS when not finding a match.
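The three steps above, as an added JavaScript example (not the Whisperer's own code): it indexes a PodList by IP and falls back to DNS for anything unknown, skipping addresses that would be attributed to the wrong pod. The fake FQDN layout `<pod>.<namespace>.pod`, the function names and the sample PodList are assumptions.

```javascript
// Added example, not Spider's code. The FQDN layout is an assumption.
const FAKE_SUFFIX = 'pod';

// Kubernetes sets this variable in pod containers.
function inKubernetes(env) {
  return Boolean(env.KUBERNETES_SERVICE_HOST);
}

// Build an IP -> fake FQDN map from a PodList
// (body of GET /api/v1/namespaces/<namespace>/pods).
function buildPodIndex(podList, namespace) {
  const index = new Map();
  for (const pod of podList.items || []) {
    const status = pod.status || {};
    // Finished pods can still list an IP that has since been
    // reassigned to another pod: do not index them.
    if (status.phase === 'Succeeded' || status.phase === 'Failed') continue;
    // hostNetwork pods report the node's IP, shared by every such pod.
    if (pod.spec && pod.spec.hostNetwork) continue;
    // podIPs carries all addresses (dual stack); podIP is the single-IP field.
    const ips = (status.podIPs || []).map((e) => e.ip);
    if (ips.length === 0 && status.podIP) ips.push(status.podIP);
    for (const ip of ips) {
      index.set(ip, `${pod.metadata.name}.${namespace}.${FAKE_SUFFIX}`);
    }
  }
  return index;
}

// Kube-known IPs win; anything else goes to the caller-supplied DNS lookup.
function resolveIp(ip, index, dnsFallback) {
  return index.has(ip) ? index.get(ip) : dnsFallback(ip);
}

// Constructed sample PodList, trimmed to the fields used above.
const samplePodList = { items: [
  { metadata: { name: 'api-7d9f' }, spec: {},
    status: { phase: 'Running', podIP: '10.1.0.12',
              podIPs: [{ ip: '10.1.0.12' }, { ip: 'fd00::12' }] } },
  { metadata: { name: 'job-x1' }, spec: {},
    status: { phase: 'Succeeded', podIP: '10.1.0.30' } },
  { metadata: { name: 'agent-k2' }, spec: { hostNetwork: true },
    status: { phase: 'Running', podIP: '192.168.1.5' } },
  { metadata: { name: 'web-5c4b' }, spec: {}, status: { phase: 'Pending' } },
] };

const sampleIndex = buildPodIndex(samplePodList, 'demo');
console.log(resolveIp('10.1.0.12', sampleIndex, () => 'unresolved'));
```

Between two refreshes the index can still hold the IP of a pod that has been deleted, so a name resolved this way is a hint for reading the map, not proof of which workload sent the traffic.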
Requirement
The Whisperer must have a Kubernetes service account associated with it, with the rights to query PODs information.
Without the service account, you won't have the resolution, but the Whisperer still works, no issue!
Cheers, Thibaut