Is it possible to let 2 services (for 2 different pods) listen on different network interfaces in a Kubernetes 1.17 cluster?

12/25/2019

Here is the Kubernetes (k8s) cluster I have:

  • 1 master node, 2 worker nodes, and all 3 nodes have 2 network interfaces as follows:
    • 1 Public network interface (9.191.95.0/24)
    • 1 Private network interface (192.168.1.0/24)

I deployed 2 pods on this cluster and deployed 2 services for them as follows:

  • Pod1 (with containerPort 389), Service1 for Pod1 (of type NodePort, with port 31389 and targetPort 389)
  • Pod1 can be accessed from outside the cluster via master's IP (both public and private) + port 31389
  • Pod2 (with containerPort 11194), Service2 for Pod2 (of type NodePort, with port 31194 and targetPort 11194)
  • Pod2 can be accessed from outside the cluster via master's IP (both public and private) + port 31194

However, my goal is to let Pod1 only be accessed from outside the cluster over the Private network and Pod2 only be accessed from outside the cluster over the Public network. I checked the k8s official documentation on Services, and it said:

If you want to specify particular IP(s) to proxy the port, you can set the --nodeport-addresses flag in kube-proxy to particular IP block(s); .... For example, if you start kube-proxy with the --nodeport-addresses=127.0.0.0/8 flag, kube-proxy only selects the loopback interface for NodePort Services.

It seems the --nodeport-addresses setting is global, and can't be applied per Pod/Service. Does anyone know how to configure k8s to achieve my goal?

-- Henry
kubernetes

0 Answers