https://bz.apache.org/bugzilla/show_bug.cgi?id=66660

--- Comment #15 from Diego Rivera <diego.riv...@armedia.com> ---
To clarify re: the Service only returning its own IP.

In K8s, the pods behind the Service facade may change at any time, and without
warning. DNS caches are also a thing. So imagine this scenario: from your app
(Tomcat, for instance) you query the Service to get a list of 10 pods that are
currently servicing them. The pod's DNS cache will keep a copy of those same
pods for a certain amount of time to avoid repeat lookups.

But lo ... a couple of seconds after you get that list, those 10 pods are gone
and 10 new pods with newer versions of the service/app in question are now up,
with 10 different IPs.

* Now you're unable to access any of the old IPs b/c they no longer exist
* You're unable to resolve to the new IPs due to DNS caching (which means you'd
have to either turn it off, or know when to nuke it)

So, essentially, you have a fun problem to fix.

Instead, if each service gets their own IP address (which is how it is), then
you ALWAYS go to that IP for the service, and it's up to the K8s subsystems to
finagle the firewalls/routing/whatnot to move the traffic to the right pods,
unbeknownst and invisibly to the service's clients.

This is why the DNSMembershipProvider is useless in K8s. It's coded based on a
flawed (perhaps even outdated) assumption.

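The stale-membership window described in the comment above, as an added simulation that is not part of the original comment or of Tomcat's code. The record names, IP addresses, 30-second TTL and the `FakeDNS`/`CachingResolver` classes are all constructed for illustration.

```python
# Constructed simulation: names, IPs and the TTL are made up for illustration.
from dataclasses import dataclass, field

@dataclass
class FakeDNS:
    """Authoritative view: name -> current list of A records."""
    records: dict

    def lookup(self, name):
        return list(self.records[name])

@dataclass
class CachingResolver:
    """Client-side cache that serves an answer until its TTL expires."""
    upstream: FakeDNS
    ttl: float
    _cache: dict = field(default_factory=dict)  # name -> (expiry, addresses)

    def resolve(self, name, now):
        hit = self._cache.get(name)
        if hit and now < hit[0]:
            return hit[1]              # cached answer, possibly stale
        addrs = self.upstream.lookup(name)
        self._cache[name] = (now + self.ttl, addrs)
        return addrs

def stale_members(resolver, name, live, now):
    """Cached addresses that no longer correspond to anything running."""
    return [ip for ip in resolver.resolve(name, now) if ip not in live]

def simulate(ttl=30.0):
    old_pods = [f"10.0.1.{i}" for i in range(1, 11)]
    new_pods = [f"10.0.2.{i}" for i in range(1, 11)]
    cluster_ip = "10.96.0.50"          # the Service's own, stable IP
    dns = FakeDNS({"pods.example": old_pods, "svc.example": [cluster_ip]})
    client = CachingResolver(dns, ttl)

    client.resolve("pods.example", now=0.0)   # membership list cached at t=0
    client.resolve("svc.example", now=0.0)

    dns.records["pods.example"] = new_pods    # rollout at t=2: every pod replaced
    live = set(new_pods) | {cluster_ip}

    return {
        "stale_at_t3": len(stale_members(client, "pods.example", live, 3.0)),
        "service_stale_at_t3": len(stale_members(client, "svc.example", live, 3.0)),
        "stale_after_ttl": len(stale_members(client, "pods.example", live, ttl + 1)),
    }

if __name__ == "__main__":
    print(simulate())
```

Until the cache entry expires, every cached pod address is dead, while the single Service address stays valid across the rollout.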