K
Q

I should have the FW block all the traffic unless its from specific Specific IP addresses, GCloud L7 LB -> GKE

11/15/2019

We are using L7 to point K8S.

I would like to proxy the traffic via CloudFlare.

I should have the FW block all the traffic unless its from specific CF IP addresses. How can I do this?

-- Meir Hazon
cloudflare
google-cloud-platform
google-kubernetes-engine
kubernetes

Similar Questions

kubectl - list all port forwards across all services?
Making a hybrid Kuberentes cluster with OpenStack VMs and Physical Machines
Kubernetes "rollout history" command fails with "namespace not found" for service account
How can I prevent my terminal from breaking?
How to test deletionGracePeriodSeconds in pod templates with K8S

1 Answer

11/22/2019

You can use Cloud Armor to attach policies for incoming requests at HTTP(S) load balancer level.

Is not specified in your question description, but if you're using a GKE cluster with a GCE ingress class, you can also attach these policies to it following this guide.

-- yyyyahir
Source: StackOverflow