Ability to set service externalTrafficPolicy & internalTrafficPolicy to Local #3797
Comments
To allow more modifications to the service created for the pgboucer, add the externalTrafficPolicy and internalTrafficPolicy to the CRD of the service. Issue: CrunchyData#3797
|
Hi, sorry you're running into this, and I can definitely see how it would be necessary to adjust the services that PGO creates. That said, for a short-term fix, could you create/manage services directly? That way you could define the service with exactly the specs that you need. (You could completely ignore the PGO-provided services or use them as models for your services, e.g., what selectors the service needs, etc.) |
|
I've just had another idea, but not sure it will work: PGO doesn't directly edit the |
Thank you @benjaminjb |
|
Just noting here that we have a story in our development backlog for this ability. |
To allow more modifications to the service created for the pgboucer, add the externalTrafficPolicy and internalTrafficPolicy to the CRD of the service. Issue: CrunchyData#3797
To allow more modifications to the service created for the pgboucer, add the externalTrafficPolicy and internalTrafficPolicy to the CRD of the service. Issue: #3797
Overview
We have some clients connecting to our databases from outside the Kubernetes cluster. By default service with type Loadbalancer set externalTrafficPolicy/internalTrafficPolicy to Cluster which mask the source IP with the Kubernetes nodes IP. In this case we can not control the access to the cluster based on source IP.
Use Case
Setting externalTrafficPolicy/internalTrafficPolicy to local allows us to preserve IPs of the client, thus we can restrict/allow access via pg_hba.
Desired Behavior
Ability to set service externalTrafficPolicy & internalTrafficPolicy to Local
The text was updated successfully, but these errors were encountered: