Autopilot Firewall Rule when using Regional LB #2265
Labels
enhancement
New feature or request
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
TL;DR
Hi,
Im using beta-autopilot-public module. Using nginx-ingress behind a Regional ALB. It turns out that for the LB to be able to do HC and reach the PODs it needs to allow some source ip ranges.
LB Healtcheck Range (in google docs)
Proxy subnet (defined by us)
10.129.0.0/23It should be fine to add these sources to the current GKE module Firewall rule, like the one with the -VMS suffix. I did not find a way in the module to add extra source ips.
Am i missing something in the module perhaps? I did enable the wehooks and rest of the firewall vars but did not see anything to add extra IPs
Thanks!
Terraform Resources
Detailed design
Additional information
No response
The text was updated successfully, but these errors were encountered: