kubernetes services: externalName

2 min read | by Jordi Prats

One of kind of Service objects on kubernetes is extenalName. It creates a CNAME DNS entry to point to an external DNS service. For exemple:

kind: Service
apiVersion: v1
metadata:
  name: ensvc
spec:
  type: ExternalName
  externalName: pet2cattle.com

This creates a service within the kubernetes cluster (a CNAME record on the internal DNS) pointing to the pet2cattle.com record:

$ kubectl apply -f ensvc.yaml 
service/ensvc created
$ kubectl get svc ensvc
NAME    TYPE           CLUSTER-IP   EXTERNAL-IP      PORT(S)   AGE
ensvc   ExternalName   <none>       pet2cattle.com   <none>    6s

We can run a busybox container for testing to check how it's resolving an external IP:

$ kubectl run bb --rm --image busybox:1.28 -it -- sh
If you don't see a command prompt, try pressing enter.
/ # nslookup ensvc
Server:    10.43.0.10
Address 1: 10.43.0.10 kube-dns.kube-system.svc.cluster.local

Name:      ensvc
Address 1: 5.135.162.66 tachi.systemadmin.es

Of course, we can also using a debian image installing the dnsutils package to use dig command:

root@bb:/# dig ensvc.nsdemo.svc.cluster.local

; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> ensvc.nsdemo.svc.cluster.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25010
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: aebfc39f37c9ed08 (echoed)
;; QUESTION SECTION:
;ensvc.nsdemo.svc.cluster.local. IN A

;; ANSWER SECTION:
ensvc.nsdemo.svc.cluster.local. 5 IN CNAME  pet2cattle.com.
pet2cattle.com.   5 IN  A 5.135.162.66

;; Query time: 0 msec
;; SERVER: 10.43.0.10#53(10.43.0.10)
;; WHEN: Wed Jan 13 17:39:36 UTC 2021
;; MSG SIZE  rcvd: 169

Using the externalName kind of Service we can manage the external service just as we would do with any other Kubernetes object. It can also come handy to seamlessly migrate services in-cluster or out-cluster.

Posted on 29/01/2021

Categories