Table of contents
- Let's take a practice example
- 1. Create a Namespace (dev)
- 2. Create Nginx Pods in the Default and Dev Namespaces
- 3. Expose the Nginx Pods as Services using NodePort
- 4. Let's try to accress through IP Of the pod
- There is a Problem
- If we increase the replica then we have to use service for load balance ,then use specific pod ip is not good way to communicate
- 5. Let's try to access through service directly
- 6. Let's try to accress through FQDN
In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc.) and not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc.).
Let's take a practice example
first Create a name space (dev)
then create 2 nginx pod in default name space and dev name space
Then expose the Service to corresponding namespace
Then try to access trough the IP and Fully Qualified Domain name(FQDN)
1. Create a Namespace (dev)
kubectl create namespace dev
2. Create Nginx Pods in the Default and Dev Namespaces
For the default namespace:
kubectl create deployment nginx-default --image=nginx
For the dev namespace:
kubectl create deployment nginx-dev --image=nginx --namespace=dev
3. Expose the Nginx Pods as Services using NodePort
For the default namespace:
kubectl expose deployment nginx-default --type=NodePort --port=80 --target-port=80
For the dev namespace:
kubectl expose deployment nginx-dev --type=NodePort --port=80 --target-port=80 --namespace=dev
4. Let's try to accress through IP Of the pod
First we Enter the we find the pods internal IP's
Default name space Pod IP
kubectl get pod nginx-default -o wide # -----------------output-------------- : ' NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-default 1/1 Running 0 37m 10.244.0.71 minikube <none> <none 'dev name space pod IP
kubectl get pod nginx-dev -n dev -o wide # -----------------output-------------- : ' NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-dev 1/1 Running 0 39m 10.244.0.72 minikube <none> <none> 'Now we try to reach from default namespace pod(nginx-default) to dev namespace pod (nginx-dev)
Enter The pod First (Enter default namespace pod)
kubectl exec -it nginx-default -- shTry to reach nginx-dev pod (in dev name space)
curl 10.244.0.72 # -----------------output-------------- : '<!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>'In similar way we can reach different namespace pods through the pod IP's
There is a Problem
If we increase the replica then we have to use service for load balance ,then use specific pod ip is not good way to communicate
5. Let's try to access through service directly
Enter The pod First (Enter default namespace pod)
kubectl exec -it nginx-default -- sh
Out dev name space service was nginx-dev
from our default namespace pod try to reach dev namespace pod through service
curl nginx-dev
# -----------------output--------------
# curl: (6) Could not resolve host: nginx-dev
Here We directly can not reach one namespace service to another namespace service and Here comes the Fully Qualified Domain name (FQDN)
6. Let's try to accress through FQDN
Instead of service name,we use Corresponding domain name
so first enter the target pod (nginx-dev)
kubectl exec -it nginx-dev -- shThen find the domain name for this service
cat /etc/resolv.conf # -----------------output-------------- #nameserver 10.96.0.10 #search dev.svc.cluster.local svc.cluster.local cluster.local #options ndots:5now From default namespace pod(nginx-default) we try to reach nginx-dev of different namespace(dev) pod
# curl nginx-dev.dev.svc.cluster.local # -----------------output-------------- : '<!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> '