stackoom
  简体   繁体   中英

Disable Kubernetes ClusterIP service environment variables on pods

 原文  2020-06-22 01:01:49       kubernetes/ environment-variables/ kubernetes-pod/ kubernetes-deployment

Question

Whenever a new pod is created in the cluster, environment variables related to the default Kubernetes clusterIP service are being injected into it.

Kubernetes clusterIp service running: 

NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
kubernetes                  ClusterIP   10.116.0.1     <none>        443/TCP    27d

No matter on which namespace the pod is running, the following env vars will always appear:

KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=tcp://10.116.0.1:443
KUBERNETES_PORT_443_TCP_ADDR=10.116.0.1
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT_443_TCP=tcp://10.116.0.1:443
KUBERNETES_SERVICE_HOST=10.116.0.1

I'm using enableServiceLinks=false as a mechanism to avoid service environment variables to be injected into pods, but it looks like it doesn't work for the default Kubernetes clusterIp service.

Deployment manifest:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: indecision-app-deployment
  labels:
    app: indecision-app
spec:
  selector:
    matchLabels:
      app: indecision-app
  template:
    metadata:
      labels:
        app: indecision-app
    spec:
      enableServiceLinks: false
      containers:
      - name: indecision-app
        image: hleal18/indecision-app:latest
        ports:
        - containerPort: 8080

Is it expected that enableServiceLinks=false also avoids the default Kubernetes clusterIP service of being injected?

1 answers

solution1
 0 ACCPTED  2020-06-22 09:38:30

In k8s source code you can find this comment :

// We always want to add environment variabled for master services
// from the master service namespace, even if enableServiceLinks is false.

and the code that adds these environemt variables :

if service.Namespace == kl.masterServiceNamespace && masterServices.Has(serviceName) {
    if _, exists := serviceMap[serviceName]; !exists {
        serviceMap[serviceName] = service
}

As you can see, kubelet adds services from masterServiceNamespace which defaults to "default" .

Digging a bit more I have found out that there is a flag --master-service-namespace

--master-service-namespace The namespace from which the kubernetes master services should be injected into pods (default "default") (DEPRECATED: This flag will be removed in a future version.)

Now the flag is depricated and may be deleted in future.

Setting it on every kubelet should solve your issue but this is probably not the best thing to do as it is probably depricated for a reason.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question enableServiceLinks=false doesn't disable Kubernetes clusterIP default service environment variables to be injected into pod Is it possible to disable service discovery with environment variables in kubernetes? Why are my Kubernetes pods sharing environment variables? Kubernetes - Shared environment variables for all Pods Network alias for Kubernetes ClusterIP Service ClusterIP service Not accessible from within the cluster pods How to Inject Environment Variables into Kubernetes Pods Before Deployment Sending .Net Core application settings to kubernetes pods as environment variables Set environment variables to Jenkins pipeline for deploying kubernetes pods Kubernetes pods can't ping each other using ClusterIP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM