Skip to content

Use lib-common DownwardAPI to retrieve pod IP #550

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bshephar wants to merge 1 commit into
base: main
Choose a base branch
from
+8 −28
Open

Use lib-common DownwardAPI to retrieve pod IP #550

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions internal/horizon/deployment.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,7 @@ func getEnvVars(configHash string, enabledServices map[string]string) map[string
envVars["ENABLE_WATCHER"] = env.SetValue(enabledServices["watcher"])
envVars["CONFIG_HASH"] = env.SetValue(configHash)
envVars["UNPACK_THEME"] = env.SetValue("true")
envVars["POD_IP"] = env.DownwardAPI("status.podIP")
Copy link
Contributor

@gibizer gibizer Jan 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not familiar with the IP handling of k8s. Is the IP pre-determined before a pod is created? Without that I don't see how this construct can inject the IP of the pod to the env of the process running within the pod as seems it seems circular (we need to create the pod to know the IP, but we need to add that IP to the pod ENV when it is started)jm

Copy link
Contributor Author

@bshephar bshephar Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I mean, we should be able to see if this is a problem in the CI env logs I guess. But the IP is allocated from the CNI prior to the pod starting iiuc.

I'll check the must-gather to see if we can confirm this though.


return envVars
}
Expand Down
35 changes: 7 additions & 28 deletions templates/horizon/config/local_settings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,35 +56,14 @@
# For more information see:
# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts

# get_pod_ip retrieves the pod's primary interface IP address. This is necessary
# due to the dynamic IP addressing of pods. The HealthCheck needs to be able to
# check the specific pod. We can't simply check via the route, since such a check
# could land on any of the replicas. Instead, we need to explicity check the pod
# we're currently running on. Therefore, we need to execute this function to
# retrieve the IP address, which we will then in turn add to the ALLOWED_HOSTS list.
def get_pod_ip():
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
hostport = (
"{{ .horizonEndpointHost }}",
{{- if .isPublicHTTPS }}
443
{{- else }}
80
{{- end }}
)
try:
s.connect(hostport)
return s.getsockname()[0]
except socket.gaierror:
s.close()
s = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
s.connect(hostport)
return "[{}]".format(s.getsockname()[0])
finally:
s.close()

ALLOWED_HOSTS = [get_pod_ip(), "{{ .horizonEndpointHost }}"]
# Use the environment variable to set pod_ip. We can then use this for
# ALLOWED_HOSTS to enable liveness and readiness probes.
pod_ip = os.environ.get('POD_IP', '')
if pod_ip and ':' in pod_ip:
pod_ip = f"[{pod_ip}]"

ALLOWED_HOSTS = [pod_ip, "{{ .horizonEndpointHost }}"] if pod_ip else ["{{ .horizonEndpointHost }}"]

USE_X_FORWARDED_HOST = True

Expand Down