Fix GCP GKE Multi Cluster Service Errors
When working with GCP GKE, you may encounter a configuration error that prevents your deployment from working. This guide explains the most common mistake with multi cluster service and shows the exact fix.
A Common Mistake
Exposing a service using a regular ClusterIP Service instead of a Multi-Cluster Service (MCS), preventing cross-cluster service discovery.
The incorrect command:
kubectl expose deployment my-app --port=80 --type=ClusterIP
# In cluster-1 only
Error output:
service/my-app exposed in cluster-1.
A pod in cluster-2 cannot resolve my-app.my-namespace.svc.cluster.local. DNS resolution fails because each cluster has its own DNS. Cross-cluster communication requires manual endpoint management.
The Correct Approach
The right way to configure multi cluster service in GCP GKE:
gcloud container multi-cluster-services enable --project=my-project && kubectl apply -f - <<EOF
apiVersion: net.gke.io/v1
kind: ServiceExport
metadata:
name: my-app
namespace: default
EOF
kubectl apply -f - <<EOF
apiVersion: net.gke.io/v1
kind: ServiceImport
metadata:
name: my-app
namespace: default
spec:
type: ClusterSetIP
EOF
Successful result:
ServiceExport my-app exported
ServiceImport my-app imported
kubectl -n cluster-2 run test --image=busybox --rm -it -- nslookup my-app.default.svc.clusterset.local
Server: 10.0.0.10
Address: 10.0.0.10:53
Name: my-app.default.svc.clusterset.local
Address: 10.96.0.1
How to Prevent This
Use MCS for cross-cluster service discovery. Requires Fleet Hosting (Anthos). MCS supports ClusterSetIP (single VIP) and Headless (DNS-based) types. Exports services in one cluster, imports in others. Monitor with kubectl get serviceexports and kubectl get serviceimports.
FAQ
Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro. Secure your cloud with DodaTech.
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro