Static outgoing IP in Kubernetes
Problem description
I run a k8s cluster in Google Cloud (GKE) and a MySQL server in AWS (RDS). Pods need to connect to RDS, which only allows connections from certain IPs. How can I configure outgoing traffic to have a static IP?
Recommended answer
I had the same problem connecting to an SFTP server from a Pod. To solve this, first you need to create an external IP address:
gcloud compute addresses create {{ EXT_ADDRESS_NAME }} --region {{ REGION }}
Then, I suppose that your pod is assigned to your default-pool node cluster. Extract your default-pool node name:
gcloud compute instances list | awk '{ print $1 }' | grep default-pool
Erase the default external IP of the VM instance:
gcloud compute instances delete-access-config {{ VM_DEFAULT-POOL_INSTANCE }} --access-config-name external-nat
Add the external static IP you created before:
gcloud compute instances add-access-config {{ VM_DEFAULT-POOL_INSTANCE }} --access-config-name external-nat --address {{ EXT_ADDRESS_IP }}
If your Pod is not attached to the default-pool node, don't forget to select it with a nodeSelector:
nodeSelector:
  cloud.google.com/gke-nodepool: {{ NODE_NAME }}
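
Added example, not part of the original answer: the address set with add-access-config belongs to one VM, and GKE gives a node a new ephemeral address when it recreates the VM (upgrade, repair, autoscaling), so the allowlisted IP can silently drift. The check below lists the nodes of a pool whose external IP is not the reserved one; the function name `nodes_off_static_ip` and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Report node-pool VMs whose external (NAT) IP is not the reserved static
# address that the remote allowlist (RDS, SFTP, ...) expects.
#
# Input on stdin: one "<instance-name> <nat-ip>" pair per line, e.g. from
#   gcloud compute instances list \
#     --format='value(name,networkInterfaces[0].accessConfigs[0].natIP)'
# An instance without an external IP has an empty second field.

# nodes_off_static_ip POOL EXPECTED_IP   (hypothetical helper name)
# Prints the name of every instance in POOL whose NAT IP differs from
# EXPECTED_IP or is missing. Returns 0 if all match, 1 otherwise.
nodes_off_static_ip() {
    pool=$1
    expected=$2
    awk -v pool="$pool" -v ip="$expected" '
        index($1, pool) == 0 { next }     # not a node of this pool
        $2 != ip { print $1; bad = 1 }    # ephemeral, wrong, or no IP
        END { exit bad + 0 }
    '
}

# Constructed sample rows (documentation-range addresses), not real output.
SAMPLE='gke-demo-default-pool-aaaa1111-x1y2 203.0.113.10
gke-demo-default-pool-aaaa1111-z3w4 198.51.100.77
gke-demo-batch-pool-bbbb2222-q5r6 198.51.100.80'

# Demo: the second default-pool node has drifted off the reserved address,
# so Pods scheduled there would be rejected by the remote allowlist.
printf '%s\n' "$SAMPLE" | nodes_off_static_ip default-pool 203.0.113.10 \
    || echo "nodes listed above do not egress from 203.0.113.10"
```

Running it on a schedule against the live `gcloud` output catches the drift before connections start failing.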