GKE 集群出口设置
[英]GKE cluster egress setup
问题描述
I am running GKE cluster with single node.
我正在使用单节点运行GKE集群。 I have set up ingress for managing & forwarding rules inside Kubernetes cluster.我已经设置了用于在Kubernetes集群中管理和转发规则的入口。
however by default pod use instance (Node) IP for external connection.但是默认情况下 pod 使用instance (Node) IP进行外部连接。 I have not set up NAT gateway here.我这里没有设置NAT gateway 。 I have shared node external IP with the third party but changed IP from ephemeral to static to keep it.我已与第三方共享节点外部 IP,但将 IP 从临时更改为静态以保留它。
What is the best way possible now to manage a single IP for egress even if we do auto-scaling from single node to multi-node but egress IP will be the same.即使我们从单节点自动扩展到多节点但出口 IP 将相同,现在管理单个egress IP 的最佳方法是什么。
2 个解决方案
解决方案1
2 已采纳 2020-02-20 03:42:21
The default behaviour for GKE when pods send traffic outside of the cluster, SNAT occurs and the node IP is used to replace the pod IP.当 pod 将流量发送到集群外时,GKE 的默认行为会发生 SNAT,并且使用节点 IP 替换 pod IP。 The destination will only see the node IP.目的地只会看到节点 IP。 If you have more than 1 node, you will end up with more than 1 source IP.如果您有 1 个以上的节点,您最终将拥有 1 个以上的源 IP。
Your best option to ensure you have a single IP for egress traffic is to use Cloud NAT with GKE确保出口流量使用单一 IP 的最佳选择是将Cloud NAT 与 GKE 结合使用
解决方案2
0 2020-03-03 04:03:11
Since all of my instance in public subnet managed GKE NAT gateway will not work.i have used this for my public GKE cluster.由于我在公共子网管理的 GKE NAT 网关中的所有实例都无法工作。我已将此用于我的公共 GKE 集群。
https://registry.terraform.io/modules/GoogleCloudPlatform/nat-gateway/google/1.2.2/examples/gke-nat-gateway https://registry.terraform.io/modules/GoogleCloudPlatform/nat-gateway/google/1.2.2/examples/gke-nat-gateway
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.