I want some of my GKE deployments to use a public static IP for egress traffic to the internet.
Here is what I already know is possible:
- Use GCP's NAT gateway and NAT ALL public traffic from a cluster/VPC
- Create a GCE instance with IP forwarding and create a routing rule to route specific traffic through the GCE instance, to selectively NAT traffic
I'd like to avoid either and just assign a reserved global IP to a GKE deployment/pod (like I can assign a reserved IP to an ingress). Is this at all possible?
I want outbound traffic from some pods (deployments) to use the same static public IP, but for most deployments I don't want to NAT their traffic at all.
I also can't use the underlying node's public IPs because I autoscale and the node's IP could change - you can't use reserved IPs for nodes as far as I know.
EDIT: Azure seems to support what I'm looking for with azure-egress: https://docs.microsoft.com/en-us/azure/aks/egress. So I can see at least one provider has an official solution for this. I am wondering if GKE has something similar.