NB there are two issues here:
1) how to run a cluster where the VMs have no public IP, and the node
<-> master comms are private IP.
2) how to run a cluster with long-term-stable egress IPs.
They are not the same issue, despite being related :)
On Wed, Mar 7, 2018 at 2:27 AM, <aditya...@media.net> wrote:
> On Friday, October 13, 2017 at 9:05:14 PM UTC+5:30, Tim Hockin wrote:
>> On Fri, Oct 13, 2017 at 3:17 AM, <dbgh...@gmail.com> wrote:
>> > On Friday, July 28, 2017 at 11:52:27 AM UTC+5:30, Tim Hockin wrote:
>> >> Private Google Access is not a private subnet. That simply allows your
>> >> VMs to access google service without a public IP. You still have to make
>> >> VMs without a public IP, which GKE does not support yet.
>> > Are there any near plan to have GKE working in Private network ? I don't
>> > want to expose my containers to public IPs
>> We are evaluating how best to support this. In the mean time, it's
>> important to note that none of your containers are exposed by default,
>> they do not have external IPs, and with the exception of the nodes'
>> SSH port, all the default GCP firewalls default to "closed". The only
>> "public" traffic required is GKE masters <-> nodes, and that is only
>> "public" in name. The traffic stays withing Google's network.
> I would like to give this thread a bump and love to know if there is any
> It is not uncommon to allow access to a service by whitelisting the public
> ip. Each kubernetes node having its own public ip makes a mess. Right now,
> only solution seems to be running a NAT instance. GCP doesn't provide NAT
> gateway as service either, so one would have to deal with scaling and high
> availability themselves.
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to email@example.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups
"Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.