Service discovery and DNS architecture in Kubernetes
Service discovery and DNS are fundamental components for inter-service communication and workload management within a Kubernetes cluster.^[02.企业部署实战_K8S.md]
Core Concepts
Pods
The Pod is the smallest logical unit (atomic unit) that can be run in Kubernetes.^[02.企业部署实战_K8S.md] A single Pod can encapsulate multiple containers that share the UTS, NET, and IPC namespaces, an arrangement often referred to as "sidecar" mode (analogous to a pea pod containing multiple peas).^[02.企业部署实战_K8S.md] Because Pods are ephemeral and a Pod's IP address changes when the Pod is destroyed and recreated, Pod IPs alone cannot provide stable connectivity.^[02.企业部署实战_K8S.md]
Service
The Service resource exists to solve the problem of dynamic Pod IPs.^[02.企业部署实战_K8S.md] A Service acts as a stable abstraction layer—a unified external access interface for a group of Pods that provide the same function.^[02.企业部署实战_K8S.md] Service discovery defines which Pods belong to a Service using Label Selectors (equality-based or set-based).^[02.企业部署实战_K8S.md]
While Services operate at Layer 4 (TCP/UDP via IP + Port), Ingress provides Layer 7 (HTTP/HTTPS) capabilities, allowing for traffic routing based on domain names or URL paths.^[02.企业部署实战_K8S.md]
Namespaces
Namespaces act as virtual clusters within a physical Kubernetes cluster, used to isolate resources.^[02.企业部署实战_K8S.md] They allow resource names to be duplicated across different namespaces while enforcing uniqueness within the same namespace.^[02.企业部署实战_K8S.md] Default namespaces include default, kube-system, and kube-public.^[02.企业部署实战_K8S.md]
DNS Architecture
Cluster DNS Configuration
Kubernetes relies on a robust internal DNS system for service discovery. Nodes within the cluster are typically configured to use a specific DNS server (e.g., 10.4.7.11 in a deployment scenario) to resolve these internal addresses.^[02.企业部署实战_K8S.md]
Key configuration parameters often found in the kubelet startup script define the DNS behavior for the pods:
* --cluster-dns: Specifies the IP address of the cluster's DNS service (e.g., 192.168.0.2).^[02.企业部署实战_K8S.md]
* --cluster-domain: Defines the base cluster domain name (e.g., cluster.local).^[02.企业部署实战_K8S.md]
Service Discovery Mechanism
When a Service is created, it is assigned a DNS name. Pods can reach other Services using this name, abstracting away the underlying Pod IPs. The architecture ensures that:
1. Ingress routes external traffic based on hostnames/paths.
2. Services aggregate Pod endpoints.
3. DNS provides a stable naming hierarchy (e.g., <service-name>.<namespace>.svc.cluster.local) for these Services.
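The resolver behaviour behind these names, as an added example (not from the source document): the kubelet turns --cluster-dns and --cluster-domain into each Pod's /etc/resolv.conf, and the search list in that file decides which fully qualified names a short name is tried against. It assumes the default ClusterFirst DNS policy with ndots:5 and ignores search domains inherited from the node; the namespace prod and the Service names are constructed.

```python
# Added example: models the resolv.conf a Pod receives and the resolver's
# search-list expansion. Namespace and service names are constructed.

def pod_resolv_conf(namespace, cluster_dns, cluster_domain, ndots=5):
    """resolv.conf for a Pod using the default ClusterFirst DNS policy."""
    search = [f"{namespace}.svc.{cluster_domain}",
              f"svc.{cluster_domain}",
              cluster_domain]
    return (f"nameserver {cluster_dns}\n"
            f"search {' '.join(search)}\n"
            f"options ndots:{ndots}\n")


def parse_resolv_conf(text):
    """Extract nameservers, search list and ndots from resolv.conf text."""
    conf = {"nameservers": [], "search": [], "ndots": 1}
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0] == "nameserver" and len(fields) > 1:
            conf["nameservers"].append(fields[1])
        elif fields[0] == "search":
            conf["search"] = fields[1:]
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    conf["ndots"] = int(opt.split(":", 1)[1])
    return conf


def candidates(name, conf):
    """Names the stub resolver queries, in order, for `name`."""
    if name.endswith("."):               # absolute name: search list is skipped
        return [name.rstrip(".")]
    expanded = [f"{name}.{domain}" for domain in conf["search"]]
    if name.count(".") >= conf["ndots"]:
        return [name] + expanded         # enough dots: try as written first
    return expanded + [name]             # otherwise the search list goes first


if __name__ == "__main__":
    # Flag values are the page's examples; "prod" and "redis" are constructed.
    text = pod_resolv_conf("prod", "192.168.0.2", "cluster.local")
    conf = parse_resolv_conf(text)
    print(text)
    for query in ("redis", "redis.db", "redis.db.svc.cluster.local."):
        print(f"{query:30} -> {candidates(query, conf)}")
```

A bare name such as redis resolves inside the caller's own namespace first, so the same short name can reach different Services from different namespaces. A trailing dot pins the lookup to exactly one name.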
Sources
02.企业部署实战_K8S.md