This section will cover how network traffic is routed in and out of the cluster in an HA way.
Of course, if you are running on AWS, the easiest option is to use your cloud provider’s features for this. Namely:
- Elastic Load Balancers
  For incoming traffic into your Kubernetes cluster.
- NAT Gateway
  For outgoing traffic, so that:
  - your traffic always appears as originating from specific IPs (useful, e.g. for firewall whitelisting)
  - you can keep all your EC2 instances in a private subnet (so that they don’t have a public IP) but still give them internet access.

We’ve put together some instructions for each:
Or, you may want to skip ahead to Persistent Storage for Kubernetes.