How to prevent public access to GKE Ingress and make it accessible just for Apigee X

Question

I am new in Cloud stuff, and my question may be basic, but this problem has bugged me for a week, and I don't know how to fix it.

I deployed my first Cloud project on GCP using GKE. After that, I used Kubernetes Ingress to expose its service. On the API gateway side, I used Apigee X. And successfully created a proxy and used the Ingress's IP address as the proxy's backend. Up to now, everything is fine.

My problem is to prevent public access to GKE Ingress and make it accessible just for Apigee X to communicate with it.

I am thinking of creating an internal ingress ( I know we have both external and internal options for Ingress in GKE) and giving the internal IP address to the Apigee proxy's backend. But I am unsure if and how to make Apigee load balancer talk to an internal IP address.

Does this help? https://stackoverflow.com/questions/47893375/limiting-access-by-ip-in-kubernetes-on-gcps-gke — Alex G, Oct 19 '21 at 09:28

score 0 · Answer 1 · answered Oct 25 '21 at 03:02

0

Your need create your cluster as Private

In a private cluster, nodes only have internal IP addresses, which means that nodes and Pods are isolated from the internet by default.

answered Oct 25 '21 at 03:02

Arden Smith

432
2
8

How to prevent public access to GKE Ingress and make it accessible just for Apigee X

1 Answers1