Kubernetes Tip: Is DNS your service discovery ?. Maybe not.

env variables & Create Nginx pod.
env variables.
  1. Security Problem: If an attacker compromises a pod, would get sensitive information of other services just for free.
  2. Scalability Issue: This approach does not scale when there are hundreds and thousands of services in the namespace.
  3. Confusing Behavior: This definitely will confuse the behavior in certain if not many applications.

How to fix the problem?

An extra field enableServiceLinks has been added to PodSpec from 1.13 onwards. Let look at it with an example.

New pod enableServiceLinks set to false.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store