0 votes
1 view
in GCP by (18.3k points)
recategorized by

I run a k8s cluster in google cloud (GKE) and a MySQL server in aws (RDS). Pods need to connect to RDS which only allows connections from certain IP. How can I configure outgoing traffic to have a static IP?

1 Answer

+1 vote
by (48.8k points)
selected by
 
Best answer

When you create a static public IP address for use with AKS(Azure Kubernetes Service), the IP address resource must be created in the node resource group. Get the resource group name with the az aks show command and add the --query nodeResourceGroup query parameter. The following example gets the node resource group for the AKS cluster name myAKSCluster in the resource group name myResourceGroup:

In the Azure CLI type the following command:

$ az aks show --resource-group myResourceGroup --name myAKSCluster --query nodeResourceGroup -o tsv

MC_myResourceGroup_myAKSCluster_eastus

Now create a static public IP address with the az network public IP create command. Specify the node resource group name obtained in the previous command, and then a name for the IP address resource, such as myAKSPublicIP:

In the Azure CLI write the following code:

az network public-ip create \

 --resource-group MC_myResourceGroup_myAKSCluster_eastus \

  --name myAKSPublicIP \

--allocation-method static

The IP address is shown, as shown in the following condensed example output:

JSON

{

"publicIp": {

"dnsSettings": null,

"etag": "W/\"6b6fb15c-5281-4f64-b332-8f68f46e1358\"",

"id": "/subscriptions/<SubscriptionID>/resourceGroups/MC_myResourceGroup_myAKSCluster_eastus/providers/Microsoft.Network/publicIPAddresses/myAKSPublicIP","idleTimeoutInMinutes": 4,"ipAddress": "40.121.183.52",

[..]

}

You can later get the public IP address using the az network public-ip list command. Specify the name of the node resource group, and then query for the IP address as shown in the following example:

In the Azure CLI type the following command:

$ az network public-ip list --resource-group MC_myResourceGroup_myAKSCluster_eastus --query [0].ipAddress --output tsv

40.121.183.52

Hope this helps!

...