Networking

Network configuration and service discovery.

Service discovery

All services are accessible via Kubernetes DNS using the format:

<service-name>.<namespace>.svc.cluster.local:<port>

Platform services

• Jenkins: jenkins.playpen-platform.svc.cluster.local:8080
• Nexus: nexus.playpen-platform.svc.cluster.local:8081
• Dex: dex.playpen-platform.svc.cluster.local:5556
• PostgreSQL: postgres.playpen-platform.svc.cluster.local:5432

Application services

Applications in playpen-apps namespace are accessible as: - my-app.playpen-apps.svc.cluster.local:80

Port forwarding

Access services locally via port-forwarding:

# Set up all port forwards
./scripts/setup-port-forwards.sh

# Or individually
kubectl port-forward -n playpen-platform svc/jenkins 8080:8080
kubectl port-forward -n playpen-platform svc/nexus 8081:8081
kubectl port-forward -n playpen-platform svc/dex 5556:5556
kubectl port-forward -n playpen-platform svc/postgres 5432:5432

Service types

All services use ClusterIP by default:

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: ClusterIP
  ports:
  - port: 80
    targetPort: 8080
  selector:
    app: my-app

DNS resolution

Applications can resolve services using short names within the same namespace:

# Same namespace - short name works
host = "postgres"  # Resolves to postgres.playpen-platform.svc.cluster.local

# Different namespace - use FQDN
host = "postgres.playpen-platform.svc.cluster.local"

Network policies

Optional network policies for isolation:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-platform-services
  namespace: playpen-apps
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          name: playpen-platform

Troubleshooting

Cannot resolve service

# Test DNS resolution
kubectl run -it --rm debug --image=busybox --restart=Never -- \
  nslookup jenkins.playpen-platform.svc.cluster.local

Connection refused

• Verify service exists: kubectl get svc -n playpen-platform
• Check endpoints: kubectl get endpoints -n playpen-platform
• Verify pods are running: kubectl get pods -n playpen-platform

Port already in use

# Find process using port
netstat -ano | findstr :8080  # Windows
lsof -i :8080  # Linux/macOS

# Kill process or use different port
kubectl port-forward -n playpen-platform svc/jenkins 8081:8080

Next steps

• Learn about security configuration
• Configure platform services