You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Originally posted by briancheldelin April 20, 2024
Background
In environments like Google Cloud Platform and other cloud providers, Kubernetes services of type LoadBalancer can specify loadBalancerSourceRanges. This feature restricts the IP addresses that can access the load balancer. Currently, the Helm chart for deploying the nginx-gateway-fabric cannot configure these IP ranges directly through the Helm values.
Proposal
I propose to enhance the Helm chart by adding support for loadBalancerSourceRanges in the service specification. This addition will allow users to define IP ranges that can access the service, improving security by restricting access to trusted IPs only.
Implementation
The addition involves updating the service.yaml template to include a conditional check for loadBalancerSourceRanges values and append them to the service spec if provided. The values.yaml file will also need to be updated to include a sample configuration for users to modify.
Discussed in #1863
Originally posted by briancheldelin April 20, 2024
Background
In environments like Google Cloud Platform and other cloud providers, Kubernetes services of type LoadBalancer can specify loadBalancerSourceRanges. This feature restricts the IP addresses that can access the load balancer. Currently, the Helm chart for deploying the nginx-gateway-fabric cannot configure these IP ranges directly through the Helm values.
Proposal
I propose to enhance the Helm chart by adding support for loadBalancerSourceRanges in the service specification. This addition will allow users to define IP ranges that can access the service, improving security by restricting access to trusted IPs only.
Implementation
The addition involves updating the service.yaml template to include a conditional check for loadBalancerSourceRanges values and append them to the service spec if provided. The values.yaml file will also need to be updated to include a sample configuration for users to modify.
Example:
In values.yaml, users could specify:
This list would be utilized in service.yaml as:
Benefits
The text was updated successfully, but these errors were encountered: