Kubernetes service with external name not discoverable

Question

I'm deploying a nodejs application into a kubernetes cluster. This application needs access to an external database which is public available under db.external-service.com. For this purpose a service of the type ExternalName is created.

kind: Service
apiVersion: v1
metadata:
  name: postgres
spec:
  type: ExternalName
  externalName: db.external-service.com

In the deployment an environment variable which provides the database hostname for the application is set to the name of this service.

env:
  - name: DB_HOST
    value: postgres

The problem is that when the nodejs application try to connect to the database ends up with this error message.

Error: getaddrinfo ENOTFOUND postgres

Already tried to use the full hostname postgres.<my-namespace>.svc.cluster.local without success.

What cloud be wrong with this setup?

EDIT:

It works if I use directly the plain ip address behind db.external-service.com in my pod configuration
It dose not work if I use the hostname directly in my pod configuration
I can ping the hostname with one of my pods: kubectl exec my-pod-xxx -- ping db.external-service.com has the right ip address

Did you try with a simple container and `psql`? This destination has TLS? — Hector Vido, Mar 19 '21 at 23:48
Yes, I tried this with a dummy pod. The destination has a self signed certificate. — Markus, Mar 19 '21 at 23:55
So, are you ignoring the certificate when connectin or you import the certificate in a trusted list? With a simple `curl` on the address (with right port), what happen? — Hector Vido, Mar 20 '21 at 00:03
are you able to reach db.external-service.com directly from pod? — Vasili Angapov, Mar 20 '21 at 15:32
Nope, if I write the hostname directly into the source code it is also not resolvable :/ — Markus, Mar 20 '21 at 19:29
please trying to connect postgres from nodejs directly without service for postgres you have created .. something like this env : - name: DB_HOST value: postgresql://:@db.external -service.com:5432/databasename — Aschay, Mar 21 '21 at 10:26
@Shay Dosent work with the external hostname but when I use the external ip directly — Markus, Mar 21 '21 at 11:43
To sum up, it doesn't work (hostname) with your `nodejs` `Pod` but it works other `Pod`. Could you please share `YAML` manifest of your resources that you are using in this setup? Also I'd reckon this could be the issue of your connection string: https://stackoverflow.com/questions/34802333/nodejs-postgres-error-getaddrinfo-enotfound — Dawid Kruk, Mar 22 '21 at 15:26

score 1 · Accepted Answer · answered Mar 22 '21 at 18:42

1

It turns out that the Kubernetes worker nodes are not on the allow list from the database. So the connection timed out.

answered Mar 22 '21 at 18:42

Markus

1,909
4
26
54

score 0 · Answer 2 · answered Mar 20 '21 at 21:22

Seems like your Pod is not able to resolve DNS db.external-service.com to an IP Address.
In Kubernetes, Pods use CoreDNS Pods to resolve Service Names to Service IP Addresses. https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/
If CoreDNS Pods are not able to resolve the DNS to IP Address it is supposed to redirect the request to the Nameserver configured in the Host/VM/Node resolv.conf because dnsPolicy for CoreDNS Pods is Default. https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
So what is the dnsPolicy of your Pod ?
Are you able to resolve DNS db.external-service.com to an IP Address from the Host/VM/Node on which the CoreDNS Pod is running on ?

Thanks. The fact that kubectl exec my-pod-xxx -- ping db.external-service.com is working means that the pod is able to resolve DNS db.external-service.com to its ip. What is the output of command kubectl exec my-pod-xxx -- ping postgres ? Also, can you please provide output of command kubectl exec my-pod-xxx -- cat /etc/resolv.conf — Sagar Velankar, Mar 21 '21 at 12:55

Kubernetes service with external name not discoverable

2 Answers2