I run a k8s cluster in Google Cloud (GKE) and a MySQL server in AWS (RDS). Pods need to connect to RDS, which only allows connections from certain IPs. How can I configure out
I know this is really old, but for me the solution is to create a private Kubernetes cluster in Google Cloud. If the cluster is private, then the nodes won't have any external IPs. If the nodes don't have external IPs and we have a Cloud NAT, then all the outgoing traffic will have the same IP as the Cloud NAT IP. All of this can be done through the Google Cloud console.
I found this article to be informative on creating a private cluster: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters
If the cluster is private and you need to access it from some remote area, use this command:
gcloud container clusters update {cluster_name} --enable-master-authorized-networks --master-authorized-networks {CIDR notation of your ip}
NOTE: Create the Cloud NAT in the same region as the Kubernetes cluster. Also, when creating the Cloud NAT, make sure you select the 'manual' option for NAT IP addresses, then select one static IP you have. Leave the rest of the configuration at the defaults unless you know what you're doing.
After everything is set up, kubectl exec into any of your pods running on any node. Use the dig command to check your outgoing IP.
dig +short myip.opendns.com @resolver1.opendns.com
It should be the same as the Cloud NAT IP.
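A check for the two conditions this answer depends on, written as an added example that is not part of the original answer: no node keeps an external IP (such a node sends traffic from its own address instead of through Cloud NAT), and the IP seen from a pod equals the reserved NAT IP that goes on the RDS allowlist. The function names, node names and 203.0.113.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. All sample values below are constructed
# (203.0.113.0/24 is a documentation-only range).

# Print the names of nodes that still have an external IP.
# stdin: one "<node-name><TAB><external-ip-or-empty>" line per node, e.g. from
#   kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.status.addresses[?(@.type=="ExternalIP")].address}{"\n"}{end}'
nodes_with_external_ip() {
    awk -F '\t' 'NF >= 2 && $2 != "" { print $1 }'
}

# egress_matches EXPECTED_NAT_IP OBSERVED_IP
# OBSERVED_IP is the dig output captured inside a pod; surrounding
# whitespace is dropped. An empty result (dig failed) never matches.
egress_matches() {
    expected=$1
    observed=$(printf '%s' "$2" | tr -d '[:space:]')
    [ -n "$observed" ] && [ "$observed" = "$expected" ]
}

# check_egress EXPECTED_NAT_IP OBSERVED_IP   (node list on stdin)
# Returns 0 only when both conditions hold.
check_egress() {
    leaky=$(nodes_with_external_ip)
    status=0
    if [ -n "$leaky" ]; then
        echo "FAIL: nodes with an external IP bypass Cloud NAT:" $leaky
        status=1
    fi
    if ! egress_matches "$1" "$2"; then
        echo "FAIL: pod egress IP '$2' is not the NAT IP '$1'"
        status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: all egress leaves via $1"
    return "$status"
}

# Constructed demo: one private node, one node that kept an external IP.
SAMPLE_NODES=$(printf 'gke-pool-a1\t\ngke-pool-b2\t203.0.113.77\n')
printf '%s\n' "$SAMPLE_NODES" | check_egress 203.0.113.10 203.0.113.10 || true
```

Against a real cluster, feed the kubectl output shown in the comment on stdin and pass the dig result from the pod as the second argument.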