Kubernetes - resolve hostname of a service
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
Introduction
In Kubernetes, you normally resolve a Service by DNS rather than by chasing Pod IP addresses. The cluster DNS server creates records for Services automatically, so applications can call a stable hostname even when the backing Pods are recreated.
The Basic Service Hostname
For a Service named api in the namespace default, a Pod in the same namespace can usually reach it with:
A Pod in a different namespace should use at least:
The fully qualified in-cluster DNS name is typically:
The cluster.local suffix is the common default, but clusters can use a different cluster domain. The important structure is:
- service name
- namespace
- '
svc' - cluster domain
Example Service and Lookup
Here is a minimal Service:
From a Pod in the same namespace, you can test DNS resolution:
From another namespace:
If cluster search paths are configured in the usual way, the short name works only inside the same namespace. Outside that namespace, include the namespace explicitly.
What the DNS Record Resolves To
For a normal Service, the DNS name resolves to the Service cluster IP. Traffic then gets load-balanced to healthy backend Pods.
For a headless Service, the DNS behavior is different. Instead of one cluster IP, DNS returns the IP addresses of the backing Pods directly. That is useful for systems that need peer discovery, such as stateful databases.
Clients can still resolve db.demo.svc.cluster.local, but they will receive Pod endpoints instead of one virtual IP.
Why Service DNS Is Better Than Pod IPs
Pods are disposable. A restart, reschedule, or rollout can change the Pod IP. Service DNS gives your code a stable name and lets Kubernetes manage the moving parts.
This is why application configuration should usually point to a Service name:
That configuration survives replica replacements, rolling updates, and node changes without hard-coded IP maintenance.
Debugging Resolution Failures
If a Service hostname does not resolve, check these points in order:
- Confirm the Service exists in the namespace you expect.
- Confirm the client Pod is using cluster DNS.
- Confirm the Service has endpoints.
- Confirm you are using the right hostname form for the caller's namespace.
Useful commands:
If the Service exists but has no endpoints, DNS may still resolve while traffic fails. In that case the problem is selector matching or Pod readiness, not the hostname format.
Short Names, Namespace Names, and FQDNs
Use the shortest form that is unambiguous for the caller:
- same namespace:
api - different namespace:
api.demo - explicit full form:
api.demo.svc.cluster.local
The fully qualified form is useful in debugging, cross-namespace configuration, and documentation because it removes ambiguity. In application code, many teams prefer service.namespace for readability.
Common Pitfalls
The most common mistake is trying to resolve only the service name from a different namespace. api works from demo, but not necessarily from tools. Use api.demo or the full name there.
Another issue is blaming DNS when the Service has no endpoints. Name resolution can succeed while every connection still fails because no healthy Pods back the Service.
Teams also hard-code Pod IPs during debugging and then accidentally ship that configuration. Use Service names instead unless you explicitly need Pod-level addressing.
Summary
- Kubernetes creates DNS names for Services automatically.
- In the same namespace, the short service name is often enough.
- Across namespaces, use
service.namespaceor the full in-cluster DNS name. - Normal Services resolve to a cluster IP, while headless Services resolve to backend Pod IPs.
- If resolution or connectivity fails, check namespace, DNS config, and Service endpoints.
