2
votes

For improved performance and availability we'd like to distribute certain services from our stack across different Kubernetes clusters in different parts of the world (GCP regions).

The majority of our stack will continue to run in one cluster / region but some user facing services will be deployed all over the world.

Some of these services need to access other services in our main cluster.

Q: How can we reliably access services in a different Kubernetes cluster?

Using internal load balancers seems to be out of the question as those are per region only.

We'd like to keep the communication between our services inside the private GCP network and avoid going over the public internet. So a public ingress also wouldn't work.

2 Answers

1
votes

VPC networks are global resources, not restricted by regional boundaries, and so with the correct firewall rules set up, you should be able to access any internal resource from any other resource "right out of the box", assuming they are in the same VPC network and same project.

-1
votes

Take a look at VPN Peering: https://cloud.google.com/vpc/docs/vpc-peering
It allows you to connect two VPCs (in different regions) so that they can communicate privately. You may have to recreate/reconfigure your Kubernetes in order to support this VPC architecture.