On Friday, October 13, 2017 at 9:05:14 PM UTC+5:30, Tim Hockin wrote:
> On Fri, Oct 13, 2017 at 3:17 AM, <dbgh...@gmail.com> wrote:
> > On Friday, July 28, 2017 at 11:52:27 AM UTC+5:30, Tim Hockin wrote:
> >> Private Google Access is not a private subnet. That simply allows your
> >> VMs to access google service without a public IP. You still have to make
> >> VMs without a public IP, which GKE does not support yet.
> > Are there any near plan to have GKE working in Private network ? I don't
> > want to expose my containers to public IPs
> We are evaluating how best to support this. In the mean time, it's
> important to note that none of your containers are exposed by default,
> they do not have external IPs, and with the exception of the nodes'
> SSH port, all the default GCP firewalls default to "closed". The only
> "public" traffic required is GKE masters <-> nodes, and that is only
> "public" in name. The traffic stays withing Google's network.
I would like to give this thread a bump and love to know if there is any update.
It is not uncommon to allow access to a service by whitelisting the public ip.
Each kubernetes node having its own public ip makes a mess. Right now, only
solution seems to be running a NAT instance. GCP doesn't provide NAT gateway
as service either, so one would have to deal with scaling and high availability
You received this message because you are subscribed to the Google Groups
"Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to email@example.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.