I assume it's AWS because of lambda, right? Then just change to nodePort and make sure that port, in the AWS EC2 security group, is not open to the internet (0.0.0.0.0 or something) but only for the security group running the lambda (not sure how lambdas are run, but probably are run within a security group too).
Does that make the trick? On Wed, Jun 28, 2017 at 5:53 PM, Norman Khine <nor...@khine.net> wrote: > hello, I am using > https://github.com/kubernetes/charts/blob/master/stable/mongodb-replicaset > to deploy a 3 node mongo instance all works fine within the k8s cluster, but > i would like to allow my lambda function access to mongo as well. > > what is the correct way to securely achieve this and how would you modify > https://github.com/kubernetes/charts/blob/master/stable/mongodb-replicaset/templates/mongodb-service.yaml#L17 > so that it is using type: NodePort or type: LoadBalancer as discussed in > this thread > https://stackoverflow.com/questions/43876653/accessing-mongo-replicas-in-kubernetes-cluster-from-aws-lambdas > ? > > any advice is much appreciated > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com. > To post to this group, send email to kubernetes-users@googlegroups.com. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
