I need to find a way to have 1 IP that is used by all pods every time they need to connect to the "outside world".
FULL VERSION:
I'm trying to integrate my application with a Payments Gateway service. However, this service needs to whitelist my servers' IP, refusing all other connections for security.
Now, I'm running a GKE (3, actually) cluster with Kubernetes 1.5.2. In this cluster I have around 30 pods and I need 1 in specific to route its Internet-directed traffic through a static, predictable IP address.
Right now, I have to give a list of my cluster instances' external IPs to be whitelisted, but this is a problem.
The cluster is set up to autoscale up to 5 instances and also all these instances have an ephemeral IP and
1 - I DON'T want to be forced into turning all these into static IPs.
2 - I also DON'T want to be forced to expose that particular pod through an external endpoint, making it available for Internet-to-cluster directed connections.
Is there any way I can say/configure:
- This pod forwards all its Internet-directed connections through X endpoint?
Obviously, this should be something easy to configure to work with 1 pod or with all of them if I so desired.
What's the correct course of action here? How can I achieve this?
I've referenced this SO question and the Source IP docs on Kubernetes as well as these instructions on how to set up a NAT Gateway (which, given the flexible cluster config, I don't think would work).