Whitelist/Filter incoming ips for https load balan

2019-09-15 03:29发布

站内问答 / Kubernetes
541 2 5

I use Google Container Engine with Kubernetes. I have created an https load balancer which terminates ssl and forwards traffic to k8s cluster nodes. The problem is I see no option to whitelist/filter incoming ip addresses. Is there any?

2条回答
Anthone
2楼-- · 2019-09-15 03:38

It sounds like you've set up a load balancer outside of Kubernetes. You may want to consider using a Kubernetes Service set to type: LoadBalancer. That type of service will give you an external IP that load balances to all of your Pods and can be easily restricted to whitelist IPs using the loadBalancerSourceRanges setting. Here is the example from the docs at https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/

apiVersion: v1
kind: Service
metadata:
  name: myapp
spec:
ports:
    - port: 8765
      targetPort: 9376
  selector:
    app: example
  type: LoadBalancer
  loadBalancerIP: 79.78.77.76
  loadBalancerSourceRanges:
  - 130.211.204.1/32
  - 130.211.204.2/32
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)