With OpenShift we recommend https://docs.openshift.com/container-platform/3.3/admin_guide/managing_pods.html#admin-guide-controlling-egress-traffic to solve this issue. However it does require that the "egress router pod " be run in a place with a reliable egress IP. So that won't work great on GKE if you cannot maintain even a single node's usage of a reliable egress IP.
Basically that pod just forwards traffic exiting the cluster across a node with a stable IP so it is stable no matter the source. Although, like I said, that does mean that across cluster upgrade the pod needs to land somewhere it has access to a stable egress IP. On Thu, Jan 19, 2017 at 4:46 PM, <tonyli.li...@gmail.com> wrote: > There is no native GKE solution for you. You will be looking to implement > a outbound NAT in GCE, and set your Route to point outgoing traffic from > the GKE cluster to that instance with a Static IP. > > You then use that Static IP as the IP to filter. > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com. > To post to this group, send email to kubernetes-users@googlegroups.com. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
