Move discovery to DNS names #3712
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sebgl
approved these changes
Sep 4, 2020
| //PodDNSName returns the DNS resolvable name of the given pod resolvable within the namespace. | ||
| func PodDNSName(pod corev1.Pod) string { | ||
| ssetName := pod.Labels[label.StatefulSetNameLabelName] | ||
| return fmt.Sprintf("%s.%s", pod.Name, HeadlessServiceName(ssetName)) |
There was a problem hiding this comment.
I'm wondering if we should consider how a user may override the Pod hostname and subdomain fields: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-hostname-and-subdomain-fields
But I think that's really a corner case that is probably safe to ignore for now. It probably has other impacts.
thbkrkr
reviewed
Sep 4, 2020
Co-authored-by: Thibault Richard <thbkrkr@users.noreply.github.com>
|
Closing in the light of #3723 (comment) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #2830
Related #3654
This PR changes Elasticsearch discovery to use DNS hostnames instead of IP addresses. To replicate the discussion on #3654 : we think the potential negative impact of DNS caching is manageable and outweighs the advantage of simplifying discovery.
We could in theory remove the IP address from the ECK-generated transport certificates now and save a few certificate regenerations when a node is scheduled on another Pod. I left it in place because I believe the frequency of these regenerations if fairly low but open to reconsider.