Kubernetes Tips: How to find the Port of a Service with a DNS request

Last week I created a guide for our users to set up an NGINX service as an API Gateway with Qovery. The API gateway must redirect the incoming traffic to the appropriate service with the correct port. My problem is that the API Gateway does not know the ports exposed for every service. In this post, I will show you a quick tip on finding the port of a Kubernetes service with a single DNS request. Let's go!

Romaric Philogène

CEO & Co-founder

Summary

The tip

As you probably know, DNS service runs on Kubernetes to resolve the local service names. When your app A needs access to an app B from the same namespace, you will use it as a root domain "app-b.svc". Then your app will look at the nameserver to target (the one running on Kubernetes) and request to resolve "app-b.svc" into an IP address. For your application, it is transparent.

I don't want to make it too long, so here is the DNS request to get the port of a Kubernetes service:

dig +answer srv *._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local

You should get an output similar to this one:

; <<>> DiG 9.16.22 <<>> +answer srv *._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12263
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 9f7c41b86a20fb70 (echoed)
;; QUESTION SECTION:
;*._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local. IN SRV

;; ANSWER SECTION:
*._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local. 5 IN SRV 0 100 80 app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local.

;; ADDITIONAL SECTION:
app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local. 5 IN A 172.20.46.46

;; Query time: 4 msec
;; SERVER: 172.20.0.10#53(172.20.0.10)
;; WHEN: Mon Jan 24 12:13:15 UTC 2022
;; MSG SIZE  rcvd: 295

Not clear enough? Here is a request to get only the port

dig +noall +answer srv \*._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local | awk '{print $7}'
80

Yes, the port is 80!

How does it work

A DNS service is a database of records. You can see it as a KV store (it is a bit more complex, of course). You can store and return much more than just the IP address. This is what happens here. By asking the DNS service to resolve the SRV record of "*._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local" I get the following answer.

;; ANSWER SECTION:
*._tcp.app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local. 5 IN SRV 0 100 80 app-z082e36c4.z489e9616-z209c3fd6.svc.cluster.local.

The SRV record is used as a Service Discovery record. The structure is the following: "IN SRV 0 100 <port> <service>.<ns>.svc.<zone>."

Conclusion

Thanks to Romain Gerard - Software Engineer @ Qovery, for this tip that saves my day 😍

This trick is directly used in my API Gateway run.sh script and is super helpful for our customers. You know how to get the port of one of Kubernetes services right from one of your apps now.

Share on :

Ready to rethink the way you do DevOps?

Qovery is a DevOps automation platform that enables organizations to deliver faster and focus on creating great products.

Book a demo

Kubernetes Tips: How to find the Port of a Service with a DNS request

The tip

How does it work

Conclusion

Suggested articles

It’s time to rethink the way you do DevOps

Kubernetes Tips: How to find the Port of a Service with a DNS request

The tip

How does it work

Conclusion

Suggested articles

It’s time to rethink the way you do DevOps

It’s time to rethink the way you do DevOps