I have a Kubernetes 1.4.5 cluster running on GKE that I would like to put into test. It accepts HTTPS using an Ingress as below
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: keycloak-ingress
annotations:
kubernetes.io/ingress.allow-http: "false"
#kubernetes.io/ingress.class: "gce"
spec:
tls:
- secretName: mysecret
backend:
serviceName: keycloak-https-service
servicePort: 443
Whilst in test, I want to limit the source IPs that can access my cluster. Because the Load Balancer converts the source IP of all incoming traffic into local IP addresses, the Google Cloud firewall cannot limit this traffic. Is there a way I can limit traffic going into the load balancer?
I understand this is strictly an GCE question, but there may be a solution that Kubernetes may offer.