apiVersion: v1
kind: service
metadata:
name: mysubdomain (1)
spec:
selector:
expose: me (2)
clusterIP: None (3)
ports: (4)
- protocol: TCP
port: 1234
targetPort: 1234
You can access a virtual machine (VM) that is connected to the default internal pod network on a stable fully qualified domain name (FQDN) by using headless services.
A Kubernetes headless service is a form of service that does not allocate a cluster IP address to represent a set of pods. Instead of providing a single virtual IP address for the service, a headless service creates a DNS record for each pod associated with the service. You can expose a VM through its FQDN without having to expose a specific TCP or UDP port.
If you created a VM by using the OKD web console, you can find its internal FQDN listed in the Network tile on the Overview tab of the VirtualMachine details page. For more information about connecting to the VM, see Connecting to a virtual machine by using its internal FQDN. |
To create a headless service in a namespace, add the clusterIP: None
parameter to the service YAML definition.
You have installed the OpenShift CLI (oc
).
Create a service
manifest to expose the VM, such as the following example:
apiVersion: v1
kind: service
metadata:
name: mysubdomain (1)
spec:
selector:
expose: me (2)
clusterIP: None (3)
ports: (4)
- protocol: TCP
port: 1234
targetPort: 1234
1 | The name of the service. This must match the spec.subdomain attribute in the VirtualMachine manifest file. |
2 | This service selector must match the expose:me label in the VirtualMachine manifest file. |
3 | Specifies a headless service. |
4 | The list of ports that are exposed by the service. You must define at least one port. This can be any arbitrary value as it does not affect the headless service. |
Save the service
manifest file.
Create the service by running the following command:
$ oc create -f headless_service.yaml
To connect to a virtual machine (VM) from within the cluster by using its internal fully qualified domain name (FQDN), you must first map the VM to a headless service. Set the spec.hostname
and spec.subdomain
parameters in the VM configuration file.
If a headless service exists with a name that matches the subdomain, a unique DNS A record is created for the VM in the form of <vm.spec.hostname>.<vm.spec.subdomain>.<vm.metadata.namespace>.svc.cluster.local
.
Edit the VirtualMachine
manifest to add the service selector label and subdomain by running the following command:
$ oc edit vm <vm_name>
VirtualMachine
manifest fileapiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
name: vm-fedora
spec:
template:
metadata:
labels:
expose: me (1)
spec:
hostname: "myvm" (2)
subdomain: "mysubdomain" (3)
# ...
1 | The expose:me label must match the spec.selector attribute of the service manifest that you previously created. |
2 | If this attribute is not specified, the resulting DNS A record takes the form of <vm.metadata.name>.<vm.spec.subdomain>.<vm.metadata.namespace>.svc.cluster.local . |
3 | The spec.subdomain attribute must match the metadata.name value of the service object. |
Save your changes and exit the editor.
Restart the VM to apply the changes.
You can connect to a virtual machine (VM) by using its internal fully qualified domain name (FQDN).
You have installed the virtctl
tool.
You have identified the internal FQDN of the VM from the web console or by mapping the VM to a headless service. The internal FQDN has the format <vm.spec.hostname>.<vm.spec.subdomain>.<vm.metadata.namespace>.svc.cluster.local
.
Connect to the VM console by entering the following command:
$ virtctl console vm-fedora
To connect to the VM by using the requested FQDN, run the following command:
$ ping myvm.mysubdomain.<namespace>.svc.cluster.local
PING myvm.mysubdomain.default.svc.cluster.local (10.244.0.57) 56(84) bytes of data.
64 bytes from myvm.mysubdomain.default.svc.cluster.local (10.244.0.57): icmp_seq=1 ttl=64 time=0.029 ms
In the preceding example, the DNS entry for myvm.mysubdomain.default.svc.cluster.local
points to 10.244.0.57
, which is the cluster IP address that is currently assigned to the VM.