VPN is the normal answer - you are extending your private space into the cloud.
On Sun, Jan 21, 2018 at 8:39 AM, Lorenz Vanthillo <lorenz.vanthi...@gmail.com> wrote: > Thanks for your reply. Now I want to use GKE to create my Kubernetes > cluster, so my master IP will be public. I read something here > (https://cloud.google.com/kubernetes-engine/docs/how-to/authorized-networks) > about how we can secure this. > > For our cluster we disabled the GKE Ingress Controller, since that would > create public HTTP(S) load balancers for us when creating Ingress resources. > (like in the tutorial). > We are now just creating deployments (pods, rs, ..), with services of the > type ClusterIP. Those services will only be accessible from inside our > cluster. > > Now we are searching for a good way to connect to this cluster. We were > thinking about a VPN connection which will offer us an IP from inside this > cluster. So we can access the services inside our browser etc. (it will look > public for us, but it's private). > > Is there a way documentated on how we can set this up? > > On 20 January 2018 at 23:36, 'Tim Hockin' via Kubernetes user discussion and > Q&A <kubernetes-users@googlegroups.com> wrote: >> >> Important - this is for kubernetes on GCE, not for GKE. GKE masters use >> public IP, even though the traffic never leaves Google. We are looking at >> how best o support true private GKE. >> >> On Jan 20, 2018 2:34 PM, "Tim Hockin" <thoc...@google.com> wrote: >>> >>> You should not need a public IP unless you access public things. Stuff >>> like GCR (inside Google) will be ok. If you need to egress, you need a NAT >>> (diy for now). >>> >>> On Jan 20, 2018 10:29 AM, "lvthillo" <lorenz.vanthi...@gmail.com> wrote: >>>> >>>> We want to start using Kubernetes on Google Cloud Platform. We want that >>>> this Kubernetes (and all services, etc) are only accessible from inside our >>>> network. It's for development purposes so we don't need public access. (But >>>> we want internet access from inside our cluster, for example to download >>>> dependencies in our Jenkins pod). >>>> >>>> We have some VPN service for users who are working remotely to connect >>>> to our network. >>>> Here I was reading about another solution to make the Kubernetes cluster >>>> private: >>>> https://engineering.bitnami.com/articles/creating-private-kubernetes-clusters-on-gke.html >>>> >>>> I'm searching for ideas/replies/opinions of people who have this >>>> experience with it. >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Kubernetes user discussion and Q&A" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to kubernetes-users+unsubscr...@googlegroups.com. >>>> To post to this group, send email to kubernetes-users@googlegroups.com. >>>> Visit this group at https://groups.google.com/group/kubernetes-users. >>>> For more options, visit https://groups.google.com/d/optout. >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Kubernetes user discussion and Q&A" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/kubernetes-users/pkam7V4NPt8/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> kubernetes-users+unsubscr...@googlegroups.com. >> To post to this group, send email to kubernetes-users@googlegroups.com. >> Visit this group at https://groups.google.com/group/kubernetes-users. >> For more options, visit https://groups.google.com/d/optout. > > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com. > To post to this group, send email to kubernetes-users@googlegroups.com. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
