Networking [SOLVED]: Can I remove the external IP from my GKE cluster?

Networking [SOLVED]: Can I remove the external IP from my GKE cluster?

Home Forums Networking Networking [SOLVED]: Can I remove the external IP from my GKE cluster?

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #35271

    Anonymous

    QuestionQuestion

    I’ve just started using Google Kubernetes Engine (GKE) and I love it.

    I spent some time getting an Internal Load Balancer working so my app has a 10.128.0.0/16 IP.

    Now I am wondering, can I remove the external IP from my cluster?

    All I am finding is that Google requires the external IP on the cluster and that it can’t be removed. Does anyone have any experience with this?

    I’m working with health data and I’m hesitant to deploy a production application into a cluster with an external IP. I think that the firewall on my project provides enough protection but I just feel wrong having system with an external IP if I intend to put individual health data into it. If you don’t know the answer to the “can I remove the external IP from my cluster?” question, I would love to get some comments on that. I see GKE is Covered Product in Google’s HIPAA Compliance documentation.

    #35272

    Anonymous

    Accepted AnswerAnswer

    Google Kubernetes Engine has a beta feature called Master Authorized Networks that allows you to restrict traffic to the IP of your hosted Kubernetes control plane by CIDR blocks. Note that GCE public IPs will still be able to access your cluster endpoint, so it isn’t as good as fully private clusters but it is much better than having the IP available to the entire internet.

    Source: https://serverfault.com/questions/886384/can-i-remove-the-external-ip-from-my-gke-cluster
    Author: Robert Bailey
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.