Cluster information:
Kubernetes version: k3s version v1.21.3+k3s1
Host OS: CentOS 8
Hi,
I have a single host with k3s installed and running Ansible AWX 19.3.0.
So I am attempting to create pods in the same namespace that function as a VPN proxy. This works well, but only if the pods communicate by private IP.
Example vpn pod:
- name: Ensure the VPN pod exists in the awx Namespace
  kubernetes.core.k8s:
    state: present
    validate_certs: no
    kubeconfig: /tmp/config
    force: yes
    definition:
      apiVersion: v1
      kind: Pod
      metadata:
        name: "{{ pod_name }}"
        namespace: awx
      spec:
        subdomain: vpn
        containers:
          - name: "{{ pod_name }}"
            image: mydockerregistry.domain/vpn:latest
            ports:
              - containerPort: 80
            securityContext:
              privileged: true
              capabilities:
                add:
                  - NET_ADMIN
        imagePullSecrets:
          - name: my-private-registry
FQDN is myvpnpod.vpn.awx.svc.cluster.local.
NAME                  READY   STATUS    RESTARTS   AGE    IP            NODE               NOMINATED NODE   READINESS GATES
awx-postgres-0        1/1     Running   0          8d     10.42.0.10    awx.domain.local   <none>           <none>
awx-59ff55b5b-h5gwp   4/4     Running   0          6d3h   10.42.0.14    awx.domain.local   <none>           <none>
myvpnpod              1/1     Running   0          18m    10.42.0.121   awx.domain.local   <none>           <none>
Test from the awx container:
ssh awx-user@myvpnpod.vpn.awx.svc.cluster.local
ssh: Could not resolve hostname myvpnpod.vpn.awx.svc.cluster.local: Name or service not known
ssh awx-user@10.42.0.121
The authenticity of host '10.42.0.121 (10.42.0.121)' can't be established.
NAME                                      READY   STATUS      RESTARTS   AGE
metrics-server-86cbb8457f-c9dk2           1/1     Running     0          8d
helm-install-traefik-crd-ltc6r            0/1     Completed   0          8d
helm-install-traefik-792v2                0/1     Completed   1          8d
svclb-traefik-bt9pb                       2/2     Running     0          8d
local-path-provisioner-5ff76fc89d-vtj25   1/1     Running     1          8d
traefik-97b44b794-9m644                   1/1     Running     0          8d
coredns-89f598569-pvvlq                   1/1     Running     0          30m
So basically pod-to-pod communication by hostname FQDN is not possible, and I can’t figure out why or how to solve it.
Any ideas?
Thanks in advance if anybody has time.
BR