Kubernetes Ingress whitelist-source-range Allow all IPs

7/16/2018

I am setting an IP whitelist in my kubernetes ingress config via the annotation ingress.kubernetes.io/whitelist-source-range. But, I have different whitelists to apply for different environments (dev, staging, production, etc.) Therefore, I have a placeholder variable in my deploy.yaml that I find/replace with the appropriate IP whitelist based on the environment.

At the moment, for dev, I am passing an empty string as the whitelist because it should be able to receive traffic from all IPs, which currently works as intended. But, logs in nginx-ingress-controller complain about the following:

error reading Whitelist annotation in Ingress default/{service}: the 
annotation does not contain a valid IP address or network: invalid CIDR 
address:

How do I set a proper whitelist-source-range to allow all IPs but not create noisy error logs like the one above?

-- Jayant Sani
deployment
google-kubernetes-engine
kubernetes
kubernetes-ingress

1 Answer

7/19/2018

Yes, it will give you error reading according to the ingress annotations ip whitelist. It suspecting a IP range or Multiple IP ranges, even you didn't put a value, you will get the reading error as well, to get ride of this error and allow all the IPs put 0.0.0.0/0 this will bypass and fix your issue.

-- Alioua
Source: StackOverflow