kubernetesenvironment-variablesamazon-ekspreset

Odd Kubernetes behaviour in AWS EKS cluster


In an EKS cluster (v1.22.10-eks-84b4fe6) that I manage I've spotted a behavior that I had never seen before (or that I missed completely...) => In a namespace with an application running in created by a public helm chart, if I create a separate new unrelated pod (a simple empty busybox with a sleep command in it) it'll automatically mount some environmental variables always starting with the name of the namespace and as referring to the available services which are related to the helm chart/deployment already in it. I'm not sure I understand this behavior, I've tested this in several other namespaces with helm charts deployed as well and I get the same results (each time with different env vars obviously). An example in a namespace with this chart installed -> https://github.com/bitnami/charts/tree/master/bitnami/keycloak

testpod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: testpod
  namespace: keycloak-18
spec:
  containers:
  - image: busybox
    name: testpod
    command: ["/bin/sh", "-c"]
    args: ["sleep 3600"]

When in the pod:

  / # env
  KEYCLOAK_18_METRICS_PORT_8080_TCP_PROTO=tcp
  KUBERNETES_PORT=tcp://10.100.0.1:443
  KUBERNETES_SERVICE_PORT=443
  KEYCLOAK_18_METRICS_SERVICE_PORT=8080
  KEYCLOAK_18_METRICS_PORT=tcp://10.100.104.11:8080
  KEYCLOAK_18_PORT_80_TCP_ADDR=10.100.71.5
  HOSTNAME=testpod
  SHLVL=2
  KEYCLOAK_18_PORT_80_TCP_PORT=80
  HOME=/root
  KEYCLOAK_18_PORT_80_TCP_PROTO=tcp
  KEYCLOAK_18_METRICS_PORT_8080_TCP=tcp://10.100.104.11:8080
  KEYCLOAK_18_POSTGRESQL_PORT_5432_TCP_ADDR=10.100.155.185
  KEYCLOAK_18_POSTGRESQL_SERVICE_HOST=10.100.155.185
  KEYCLOAK_18_PORT_80_TCP=tcp://10.100.71.5:80
  KEYCLOAK_18_POSTGRESQL_PORT_5432_TCP_PORT=5432
  KEYCLOAK_18_POSTGRESQL_PORT_5432_TCP_PROTO=tcp
  TERM=xterm
  KUBERNETES_PORT_443_TCP_ADDR=10.100.0.1
  PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
  KUBERNETES_PORT_443_TCP_PORT=443
  KEYCLOAK_18_POSTGRESQL_PORT=tcp://10.100.155.185:5432
  KEYCLOAK_18_POSTGRESQL_SERVICE_PORT=5432
  KEYCLOAK_18_SERVICE_PORT_HTTP=80
  KEYCLOAK_18_POSTGRESQL_SERVICE_PORT_TCP_POSTGRESQL=5432
  KUBERNETES_PORT_443_TCP_PROTO=tcp
  KEYCLOAK_18_POSTGRESQL_PORT_5432_TCP=tcp://10.100.155.185:5432
  KEYCLOAK_18_METRICS_SERVICE_PORT_HTTP=8080
  KEYCLOAK_18_SERVICE_HOST=10.100.71.5
  KUBERNETES_SERVICE_PORT_HTTPS=443
  KUBERNETES_PORT_443_TCP=tcp://10.100.0.1:443
  KUBERNETES_SERVICE_HOST=10.100.0.1
  PWD=/
  KEYCLOAK_18_METRICS_PORT_8080_TCP_ADDR=10.100.104.11
  KEYCLOAK_18_METRICS_SERVICE_HOST=10.100.104.11
  KEYCLOAK_18_SERVICE_PORT=80
  KEYCLOAK_18_PORT=tcp://10.100.71.5:80
  KEYCLOAK_18_METRICS_PORT_8080_TCP_PORT=8080 

I've looked a bit into this and I've seen this doc https://kubernetes.io/docs/concepts/containers/container-environment/, but it states less variables than I can see myself

I may be behind on some Kubernetes features, does anyone have a clue?

Thanks!


Solution

  • What you are seeing is expected. Asserted from the official documentation:

    When a Pod is run on a Node, the kubelet adds a set of environment variables for each active Service. It adds {SVCNAME}_SERVICE_HOST and {SVCNAME}_SERVICE_PORT variables, where the Service name is upper-cased and dashes are converted to underscores.

    This behavior is not EKS specific.