-
Notifications
You must be signed in to change notification settings - Fork 38.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
loadBalancerSourceRanges does not work on GKE #29997
Comments
I just tried it on GKE. It works for me. Here is how I do it:
Anything I missed? |
For the firewall rule of |
@freehan the IP is set correctly, it's the source IP range that is being ignored. |
@Ged15 The source IP ranges works as expected on my GKE cluster. I wonder if this is related to GKE upgrades, because my cluster is a brand new one. |
Can you confirm the following? |
Okay. I think I understand the problem now. Will apply a fix soon. |
Automatic merge from submit-queue syncNetworkUtil in kubelet and fix loadbalancerSourceRange on GCE fixes: #29997 #29039 @yujuhong Can you take a look at the kubelet part? @girishkalele KUBE-MARK-DROP is the chain for dropping connections. Marked connection will be drop in INPUT/OUTPUT chain of filter table. Let me know if this is good enough for your use case.
Hello!
I am running a cluster on GKE (k8s version 1.3.3) and have the following service definition:
When I apply this configuration, the source IP range in the created firewall rule is still
0.0.0.0/0
. Am I missing something? TheloadBalancerIP
seems to be applied correctly every time.The text was updated successfully, but these errors were encountered: