Accessing Redis cluster on Google Kubernetes Engine
Question
I have deployed a Redis cluster on Google Kubernetes Engine using Kubernetes's provided examples . It works as expected.
I am attempting to connect to this cluster from client applications. I am aware that Redis does not provide encryption, nor is the recommended practice to expose the cluster to the world, and it's intended to be accessed from private and trusted networks.
If by default, redis binds to the loopback interface, how can I connect with standard (Go or Python) client libraries to the cluster?
1 answers
solution1
2 ACCPTED 2017-12-14 18:20:11
As Carlos described kubectl proxy might be an approach. Here are some alternatives.
I would say that look at how cloud services providing Redis-as-a-Service are doing this. Do they have a password auth model? Do they have TLS certificates? Figure out how they provide auth and you can configure it that way too.
If there's no authentication,
kubectl proxyandkubectl port-forwardwill give you a secure tunnel into the cluster, so you don't have to expose the redis Service to public internet.Use new feature
Internal Load Balancerhttps://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing . This lets you access your Redis cluster (running on GKE with a non-public IP address) to other GCE VMs in your network. This still doesn't do authentication/authorization, but at least it's not exposed to the public Internet.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.