NAT gateway (static ip) #9
Comments
|
Hey @klausenbusk you are correct that this is more of a general DO feature than k8s specific, but it is a feature that is currently on the product roadmap for the networking team. Timelines can shift dramatically, but I think they are targetting early 2020. Would you be interested in a feature where you can pay to have staticIPs assigned to your nodes so that all your egress traffic keeps coming from the same IPs? |
Do you mean a staticIP per node or some sort of gateway so multiple nodes can use the same IP for egress traffic? If it is the latter then yes. Ideally I should be able to scale the cluster up or down, without the IP changing. |
Yes.
No, but perhaps you could set this up with a service mesh of some kind in conjunction with us creating a staticIP feature. |
|
Hello, I'm the product manager for network at DO. Just to give some context, Nathan is right that we are working on improving how to make gateways at DO, right now our private network has some limitations for that and we are working to make it more flexible early next year. Unfortunately we won't have a fully managed NAT gateway right then, but we want to do so in the future, just a matter of time. |
|
@rafaelrosafu Do you have any update of this? |
|
VPC was just released, but we still need a NAT Gateway product. |
|
I need it !! |
|
@rafaelrosafu a year has nearly passed. Do you have any update on this? |
|
Hi @rafaelrosafu any update you can share? |
|
This is really important nowadays. Most people do not want to manage their NAT Gateways or make sure its not a singe point of failure. Any news on that? |
|
Any update on this? thanks |
|
Any update? As soon as DO would have NAT gateway, i am migrating from AWS :) |
|
Not yet unfortunately, but we do realize it's a frequently requested feature. Will certainly be considered for roadmap planning. |
|
Much needed feature |
|
For now will be great at least to enable such NAT in Cillium |
|
for now it's has this: https://github.com/digitalocean/k8s-staticroute-operator/ you can create a droplet and make it as your egress gateway, but if this droplet down.. your egress traffic stop working.. |
|
We would like to see this feature as well |
|
Hi, We need this too and want to know where are we with this? |
|
Yes please, no updates from Nov 2019 almost 4 years :) |
|
This feature is currently blocking me from using DOKS |
|
a NAT gateway is really neccesary for VPC networking, it's blocking me from using DOKS |
|
I don't think NAT Gateway is planned in near future, best way to go about it is using crossplane. I deployed it for two of my clusters and so far it's working just fine. If you want to give it a try then you can follow the URL : https://github.com/digitalocean/k8s-staticroute-operator/ |
|
I think this is really needed feature, I am thinking to move all my cluster from DO to AWS as this is in discussion since 4 years and yet no action on this from DO side. |
|
It's unfortunate that this hasn't been added yet; I've been waiting for it since Kubernetes came out on DO. While it would certainly be possible to manually create a gateway droplet and route egress traffic through it, it adds an additional point of failure for customers. For SaaS companies to serve certain types of customers (think governments & large companies), providing said customers with a list of IPs that they must add to their allowlist is a hard requirement for them, and I have no doubt that the fact that this feature not being available is deterring smaller companies from using DigitalOcean specifically for that reason. It would be very nice to have an estimate of when (or whether) this feature will be worked on. |
|
@rafaelrosafu Any updates on this or at least a roadmap? |
|
👋 Timo here from DO. Thanks for all the feedback. We're aware that NAT egress gateway continues to be a frequent customer request. It is definitely on our roadmap, though we cannot speak to specific timelines. We do want to make sure that we nail the right customer experiences. In the meantime, https://github.com/digitalocean/k8s-staticroute-operator may be an acceptable workaround. (Yes, we're aware it has a few gaps and doesn't serve all customers well.) |
|
5 years its in your roadmap |
|
I am not sure if it is still on your roadmap or if they are keeping us waiting. It has been almost 5 years and there still seems to be no progress. |
|
@timoreimann Any news? 👀 |
|
We don't use kubernetes on digitalocean anymore, we moved everything just because of the lack of this feature. 🤷♂️ |
|
@mertcangokgoz Same here. I love DO but the lack of a NAT gateway is critical. I'm planning to move out all the workloads to GCP instead. |
and others
This is probably more a general DO feature request than a k8s specific request.
We need static IPs for egress traffic as it makes it a lot easier for our customers to whitelist traffic from us. We are currently using a
kubeadmcluster and some custom scripting to route all traffic through a single node (which has a floating ip).Ideally we could use DOKS directly.
https://cloud.google.com/nat/docs/using-nat
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
The text was updated successfully, but these errors were encountered: