I made some research and I found a couple of things.

The thing we are looking for is called "egress IPs" or NAT-as-a-Service and they are both not yet available in GKE.

In any case we have two different options:

1. create a NAT Gateway VM which acts as an egress proxy. Here is a nice article talking about that (google cloud NAT gateway)
2. assign static IPs to container cluster VM instances

Hope it helps!

I had the same problem to connect to a sftp server from a Pod. To solve this, first you need to create an external IP address:

gcloud compute addresses create {{ EXT_ADDRESS_NAME }} --region {{ REGION }}

Then, I suppose that your pod is assigned to your default-pool node cluster. Extract your default-pool node name:

gcloud compute instances list | awk '{ print $1 }' | grep default-pool

Erase default external ip of the vm instance:

gcloud compute instances delete-access-config {{ VM_DEFAULT-POOL_INSTANCE }} --access-config-name external-nat

Add your external static ip created before:

gcloud compute instances add-access-config {{ VM_DEFAULT-POOL_INSTANCE }} --access-config-name external-nat --address {{ EXT_ADDRESS_IP }}

If your Pod is not attached to the default-pool node, don't forget to select it with a nodeSelector:

nodeSelector:
    cloud.google.com/gke-nodepool: {{ NODE_NAME }}