Look into NetworkPolicy - it's not your traditional VLAN approach to ACL, it's more dynamic and application-focused.
On Mon, Jan 29, 2018 at 10:27 PM, Oğuz Yarımtepe <oguzyarimt...@gmail.com> wrote: > My current k8s structure is 2 worker and one master node deployment. I am > testing it with NodePort services. Now we will install a bigger cluster, 3 > master and more worker nodes. The problem is, using NodePort is causing all > the services exit with the same worker node ips. But we need vlan > definitions and isolate services or pods. Our switch has ACLs related with > these vlans so, some can access eachother some can not. How can i define > this structure at K8s? > > Any tip? > > I know Calico can be used, but this will be a software based approach. Any > other method at network level? > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com. > To post to this group, send email to kubernetes-users@googlegroups.com. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
