GKE Pod连接到同一子网中的外部VM
[英]GKE Pod Connect to external VM in same subnet
问题描述
I Have a pod that needs to connect to a Database located on GCE Vm's with the same subnet as the GKE nodes. 
我有一个需要连接到位于GCE Vm上的数据库的pod,其子网与GKE节点相同。 I currently have a k8 Service and k8 Endpoint that the pod successfully connects to but the 10.128.0.2 cannot be routed. 我目前有一个k8服务和k8端点,该pod成功连接到但是10.128.0.2无法路由。 Im sure this pertains to a GCP firewall rule/route but I havn't had much luck. 我确定这与GCP防火墙规则/路线有关,但我没有太多运气。
subnet -> 10.128.0.0/9 子网 - > 10.128.0.0/9
cbr0 -> 10.8.15.0/20 cbr0 - > 10.8.15.0/20
eth0 -> 10.128.0.1 eth0 - > 10.128.0.1
k8 services -> 10.11.224/14 k8服务 - > 10.11.224 / 14
Master Version: 1.9.7-gke.3 硕士版:1.9.7-gke.3
kind: Endpoints
apiVersion: v1
metadata:
name: externalDB
namespace: default
subsets:
- addresses:
- ip: 10.128.0.2
ports:
- port: 7199
name: interface
" “
1 个解决方案
解决方案1
2 已采纳 2018-07-27 21:00:15
At this point in time, services and endpoints are not routable; 此时,服务和端点不可路由; however pods are as explained in this article . 但是pod正如本文所述 。 As @cohenjo mentioned, you should directly connect from the pod. 正如@cohenjo所提到的,你应该直接从pod连接。
Edit: I believe that this issue is due to a firewall change on Clusters that are running 1.9.x as described in this article . 编辑:我认为这个问题是由于在本文中描述的运行1.9.x的群集上的防火墙更改。 You can follow the steps provided in the article to allow communication from the GKE cluster to all VM instances on the network or attach the network tag assigned on the node to the VM instance you would like the pod to communicate with. 您可以按照本文中提供的步骤操作,以允许从GKE群集到网络上的所有VM实例进行通信,或者将节点上分配的网络标记附加到您希望pod与之通信的VM实例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.