I have deployed a Redis cluster on Google Kubernetes Engine using Kubernetes's provided examples . It works as expected.
I am attempting to connect to this cluster from client applications. I am aware that Redis does not provide encryption, nor is the recommended practice to expose the cluster to the world, and it's intended to be accessed from private and trusted networks.
If by default, redis binds to the loopback interface, how can I connect with standard (Go or Python) client libraries to the cluster?
As Carlos described kubectl proxy
might be an approach. Here are some alternatives.
I would say that look at how cloud services providing Redis-as-a-Service are doing this. Do they have a password auth model? Do they have TLS certificates? Figure out how they provide auth and you can configure it that way too.
If there's no authentication, kubectl proxy
and kubectl port-forward
will give you a secure tunnel into the cluster, so you don't have to expose the redis Service to public internet.
Use new feature Internal Load Balancer
https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing . This lets you access your Redis cluster (running on GKE with a non-public IP address) to other GCE VMs in your network. This still doesn't do authentication/authorization, but at least it's not exposed to the public Internet.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.