K
Q

Kubernetes Ingress Whitelist IP for host

3/11/2020

How can I whitelist IP addresses for different hosts, but for the same path?

example.com - should be without whitelist. All others must be whitelisted.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: login.example.com
    http:
      paths:
      - backend:
          serviceName: login
          servicePort: 4444
        path: /
  - host: admin.example.com
    http:
      paths:
      - backend:
          serviceName: admin
          servicePort: 3333
        path: /
  - host: api.example.com
    http:
      paths:
      - backend:
          serviceName: api
          servicePort: 2222
        path: /
  - host: example.com
    http:
      paths:
      - backend:
          serviceName: wp
          servicePort: 1111
        path: /
-- kikis
kubernetes
kubernetes-ingress
nginx
nginx-config
nginx-ingress

Similar Questions

Use secret for ValidatingWebhookConfiguration
how to reference existing ELB DNSName in Cloudformation template
traefik on k8s route to postgres over TCP
Apache pulsar on Kubernetes cluster (Local Environment)

2 Answers

3/16/2020

Basically @ANISH gave you a good idea about nginx.ingress.kubernetes.io/whitelist-source-range, where you can start.

You can specify allowed client IP source ranges through the nginx.ingress.kubernetes.io/whitelist-source-range annotation. The value is a comma separated list of CIDRs, e.g. 10.0.0.0/24,172.10.0.1.

To configure this setting globally for all Ingress rules, the whitelist-source-range value may be set in the NGINX ConfigMap.

However, if you dont want to apply it to all your ingress rules - just create 2 separate ingresses. 1 for whitelisted hosts and second for your example.com host

-- VKR
Source: StackOverflow
3/11/2020

annotations: nginx.ingress.kubernetes.io/whitelist-source-range: "1.1.1.1/24"

-- ANISH KUMAR MOURYA
Source: StackOverflow