Google Container Engine and VPN

I want the Google Container Engine to host multiple containers for the development environment, and my office connects through a VPN.

Question:

  • Is the Pod IP address visible to me? Or do I only see the Node?
  • Is the SkyDNS that Kubernetes provides for pods available to me?

Suppose I have created a "headless" service. Can I access this via VPN?

    {
      "kind": "Service",
      "apiVersion": "v1",
      "metadata": { "name": "redis-stage-1" },
      "spec": {
        "ports": [{ "port": 36379, "targetPort": 36379 }],
        "selector": { "name": "redis-stage-1" }
      }
    }

1 answer
  • The IP addresses of pods and services are selected from the cluster CIDR range for your cluster:

     gcloud container clusters describe my-cluster | grep clusterIpv4Cidr 

    If you configure a VPN (and possibly also configure your GCP network) to forward traffic between your network and your GKE cluster, you must have access to these IP addresses.

  • Once you have configured the VPN to interact with your cluster, you can add the SkyDNS server to your resolv.conf as a secondary DNS server to access your cluster services. For a headless service, the DNS lookup against SkyDNS must resolve to the Pod IP, which must be routable over the VPN into your cluster.

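A check of the two conditions the answer describes, added here as an example and not part of the original answer: the addresses cluster DNS returns must fall inside `clusterIpv4Cidr`, and a VPN route must cover them. The function names, the sample `describe` output, the routes and the IPs are all constructed assumptions; a Service is treated as headless only when `spec.clusterIP` is `"None"`.

```python
import ipaddress
import re

# Constructed sample of `gcloud container clusters describe my-cluster` output.
DESCRIBE_OUTPUT = """\
name: my-cluster
clusterIpv4Cidr: 10.52.0.0/14
"""

def cluster_cidr(describe_text):
    """Extract the clusterIpv4Cidr field as an ip_network."""
    m = re.search(r"^\s*clusterIpv4Cidr:\s*(\S+)", describe_text, re.MULTILINE)
    if m is None:
        raise ValueError("clusterIpv4Cidr not found in describe output")
    return ipaddress.ip_network(m.group(1))

def is_headless(service):
    """A Service is headless only when spec.clusterIP is the string "None"."""
    return service.get("spec", {}).get("clusterIP") == "None"

def classify_answers(cidr, vpn_routes, dns_answers):
    """Map each IP returned by cluster DNS to its reachability over the VPN."""
    routes = [ipaddress.ip_network(r) for r in vpn_routes]
    result = {}
    for raw in dns_answers:
        ip = ipaddress.ip_address(raw)
        if ip not in cidr:
            result[raw] = "outside-cluster-cidr"
        elif any(ip in r for r in routes):
            result[raw] = "routed"
        else:
            result[raw] = "in-cidr-but-unrouted"
    return result

def overbroad_routes(cidr, vpn_routes):
    """Routes that are strict supernets of the cluster CIDR expose more than it needs."""
    nets = [ipaddress.ip_network(r) for r in vpn_routes]
    return [str(n) for n in nets if n != cidr and cidr.subnet_of(n)]

if __name__ == "__main__":
    cidr = cluster_cidr(DESCRIBE_OUTPUT)
    # Constructed VPN route and DNS answers for a headless service lookup.
    print(classify_answers(cidr, ["10.52.0.0/15"], ["10.52.1.7", "10.54.3.9"]))
    print(overbroad_routes(cidr, ["10.0.0.0/8"]))
```

Run against the manifest in the question, `is_headless` returns False, because that spec carries no `clusterIP` field.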
