Pod to pod fqdn communication (instead of ip)

Cluster information:

Kubernetes version: k3s version v1.21.3+k3s1
Host OS: Centos 8

Hi,

I have a single host with k3s installed and running ansible AWX 19.3.0.

So I am attempting to create pods in the same namespace that function as a VPN proxy. This works well, but only if the pods communicate by private IP.

Example vpn pod:

- name: Ensure the VPN pod exists in the awx Namespace
  kubernetes.core.k8s:
    state: present
    validate_certs: no
    kubeconfig: /tmp/config
    force: yes
    definition:
      apiVersion: v1
      kind: Pod
      metadata:
        name: "{{ pod_name }}"
        namespace: awx
      spec:
        subdomain: vpn
        containers:
        - name: "{{ pod_name }}"
          image: mydockerregistry.domain/vpn:latest
          ports:
          - containerPort: 80
          securityContext:
            privileged: true
            capabilities:
              add:
                - NET_ADMIN
        imagePullSecrets:
          - name: my-private-registry

FQDN is myvpnpod.vpn.awx.svc.cluster.local.

NAME                  READY   STATUS    RESTARTS   AGE    IP            NODE               NOMINATED NODE   READINESS GATES
awx-postgres-0        1/1     Running   0          8d     10.42.0.10    awx.domain.local   <none>           <none>
awx-59ff55b5b-h5gwp   4/4     Running   0          6d3h   10.42.0.14    awx.domain.local   <none>           <none>
myvpnpod              1/1     Running   0          18m    10.42.0.121   awx.domain.local   <none>           <none>

Test from the awx container:

ssh awx-user@myvpnpod.vpn.awx.svc.cluster.local
ssh: Could not resolve hostname myvpnpod.vpn.awx.svc.cluster.local: Name or service not known
ssh awx-user@10.42.0.121
The authenticity of host '10.42.0.121 (10.42.0.121)' can't be established.

NAME                                      READY   STATUS      RESTARTS   AGE
metrics-server-86cbb8457f-c9dk2           1/1     Running     0          8d
helm-install-traefik-crd-ltc6r            0/1     Completed   0          8d
helm-install-traefik-792v2                0/1     Completed   1          8d
svclb-traefik-bt9pb                       2/2     Running     0          8d
local-path-provisioner-5ff76fc89d-vtj25   1/1     Running     1          8d
traefik-97b44b794-9m644                   1/1     Running     0          8d
coredns-89f598569-pvvlq                   1/1     Running     0          30m

So basically pod-to-pod communication by hostname FQDN is not possible, and I can’t figure out why or how to solve it.

Any ideas?

Thanks in advance if anybody has time.

BR

Hi,
I have a similar issue currently.
Have you checked these 2 pages?

If you still have the issue please report your results of doing these to narrow the issue down further.

Pods don’t get DNS names unless you ALSO define a headless Service (in this case named “vpn” to match the Pod’s subdomain) and you must specify both hostname and subdomain.
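
The configuration described in the last reply, written out as an added example that is not part of the original thread: a headless Service named vpn plus the Pod from the question with hostname set alongside subdomain. The app: vpn label and the port name are assumptions; everything else is taken from the Pod definition in the question.

```yaml
# Added example. Values marked "assumed" do not appear in the thread.
---
# Headless Service: its name must equal the Pod's spec.subdomain,
# and it must live in the same namespace as the Pod.
apiVersion: v1
kind: Service
metadata:
  name: vpn
  namespace: awx
spec:
  clusterIP: None          # headless: DNS answers with Pod IPs, no virtual IP
  selector:
    app: vpn               # assumed label; must match the Pod's labels
  ports:
  - name: http             # assumed port name
    port: 80               # matches containerPort in the original Pod
---
apiVersion: v1
kind: Pod
metadata:
  name: myvpnpod
  namespace: awx
  labels:
    app: vpn               # assumed label, selected by the Service above
spec:
  hostname: myvpnpod       # absent from the original Pod; needed together with subdomain
  subdomain: vpn
  containers:
  - name: myvpnpod
    image: mydockerregistry.domain/vpn:latest
    ports:
    - containerPort: 80
    securityContext:       # unchanged from the original post
      privileged: true
      capabilities:
        add:
        - NET_ADMIN
  imagePullSecrets:
  - name: my-private-registry
```

With both objects applied, myvpnpod.vpn.awx.svc.cluster.local gets an A record once the Pod is Ready. Both documents can be passed as the definition of a kubernetes.core.k8s task like the one in the question.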