Unify outbound request IP from Kubernetes cluster

6/23/2021

I have a Kubernetes cluster with 5 nodes, deployed on AWS using kops.

I have set up a load balancer and ingress-nginx controller for reverse proxy.

So, all incoming requests come to a single IP, which is that of the load balancer.

I have a service admin-srv inside the cluster which forwards requests to two pods.

The problem is that whenever I make a request to some domain example.com from these pods, the source IP assigned is random and picked from any node.

So, one time I send a request it is something like 5.1..., and if I send it again the IP becomes 5.2....

The domain that I am calling, example.com, needs one IP that would not change, and they will whitelist that.

How can this be achieved?

-- confusedWarrior
amazon-web-services
docker
kubernetes

1 Answer

6/23/2021

You have to set up a NAT gateway for this scenario.

Using the NAT gateway, all the outbound requests will be diverted through the one VM and you will get a single IP for the outbound traffic as well.

You can read more about NAT: https://cloud.google.com/nat/docs/overview

AWS: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html

If you are on GKE, you can take a look at this Terraform example: https://registry.terraform.io/modules/GoogleCloudPlatform/nat-gateway/google/latest/examples/gke-nat-gateway

-- Harsh Manvar
Source: StackOverflow
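
As an added example (not part of the original answer), the Python check below reads the JSON printed by `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways` and reports whether every node subnet sends its default route through a NAT gateway, and therefore which public IPs the remote side has to allowlist. It assumes a single VPC; the function names, resource IDs and addresses are constructed for illustration.

```python
# Added example (not from the original post): given the JSON printed by
# `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways` for one
# VPC, report which public IP each node subnet's outbound traffic will use.

def egress_by_subnet(route_tables, nat_gateways, subnet_ids):
    """Map subnet -> ('nat', [ips]) | ('igw', None) | ('other', None) | ('none', None)."""
    nat_ips = {gw["NatGatewayId"]: [a["PublicIp"] for a in gw.get("NatGatewayAddresses", [])
                                    if "PublicIp" in a]
               for gw in nat_gateways["NatGateways"]}
    explicit, main = {}, {}
    for rt in route_tables["RouteTables"]:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main = rt
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt
    result = {}
    for subnet in subnet_ids:
        rt = explicit.get(subnet, main)  # unassociated subnets use the main table
        default = next((r for r in rt.get("Routes", [])
                        if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)
        if default is None:
            result[subnet] = ("none", None)
        elif "NatGatewayId" in default:
            result[subnet] = ("nat", nat_ips.get(default["NatGatewayId"], []))
        elif default.get("GatewayId", "").startswith("igw-"):
            result[subnet] = ("igw", None)  # source IP is each node's own public IP
        else:
            result[subnet] = ("other", None)
    return result

def allowlist_ips(result):
    """IPs the remote side must allow, or None if any subnet bypasses NAT."""
    if any(kind != "nat" or not ips for kind, ips in result.values()):
        return None
    return sorted({ip for _, ips in result.values() for ip in ips})

# Constructed sample data (IDs and addresses are placeholders).
NAT_GATEWAYS = {"NatGateways": [{"NatGatewayId": "nat-0example",
                                 "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]}]}
ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
]}

if __name__ == "__main__":
    report = egress_by_subnet(ROUTE_TABLES, NAT_GATEWAYS, ["subnet-a", "subnet-b"])
    print(report, allowlist_ips(report))
```

A `None` result from `allowlist_ips` means at least one node subnet still leaves through an internet gateway or has no default route, so pods scheduled there will not present the NAT gateway's address.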