Question

How do I create an IP whitelist in DigitalOcean Kubernetes clusters?

Posted August 1, 2019 761 views
Kubernetes
  • request.headers[“x-real-ip”] doesn’t apppear to have the real external ip address
  • DO firewall is attached to the K8s cluster but is already whitelisted to internal ips only as the load balancer only has access to the cluster
  • can’t attach a DO firewall to the load balancer
edited by MattIPv4

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

Hi there,

One way I can think that you can achieve this is to use an ingress controller like nginx.

Expose the nginx ingress controller as a ‘LoadBalancer’. Then use service annotations to configure the nginx whitelist per the docs here.

https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#whitelist-source-range

This will allow you to manage traffic more fine grained via your ingress controller and ingress rules.

Hope this helps!

Regards,

John Kwiatkoski
Senior Developer Support Engineer

Submit an Answer