How to restrict network access to a loadBalancer service without ingress?

I have a service of type loadBalancer, which has loadBalancerSourceRanges IPs.
But I can still access the app behind this service from any IP I want.
I tried changing the NodeBalancer to use proxy protocol, and added the annotation "service.beta.kubernetes.io/linode-loadbalancer-default-proxy-protocol: v1" to my service configmap.
But now I can't access the app at all.
In all the documentation I see the use of ingress and the instruction to add "use-proxy-protocol", but I don't use ingress, only this service of type loadBalancer, which has a NodeBalancer in LKE.

How can I restrict the network access to my loadBalancer without using ingress?

1 Reply

I can confirm that the ability to add a Cloud Firewall to your NodeBalancer is currently in development. However, this feature has not yet been released and I don't have an ETA to share.

With that in mind, we have some alternative documentation on securing your LKE cluster nodes using iptables rules. However, you need to leave certain ports open to allow for the management of the cluster.
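
An added example, not part of the original thread or of Linode's documentation: with proxy protocol v1 enabled, the load balancer prepends one `PROXY ...` text line to every connection, so a backend that does not expect it sees unparseable input, and one that does parse it can enforce its own source allowlist without an ingress. The sketch below parses that line and checks the client address; `ALLOWED_RANGES`, `parse_proxy_v1` and `is_allowed` are hypothetical names and the addresses are constructed.

```python
import ipaddress

# Constructed allowlist (documentation ranges); mirror your loadBalancerSourceRanges here.
ALLOWED_RANGES = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "2001:db8::/32")]
MAX_V1_HEADER = 107  # longest v1 header line, CRLF included, per the PROXY protocol spec


def parse_proxy_v1(data: bytes):
    """Split a connection's first bytes into (client_ip or None, payload).

    Raises ValueError if the data does not start with a well-formed v1 header.
    """
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or oversized PROXY v1 header")
    parts = data[:end].decode("ascii").split(" ")
    payload = data[end + 2:]
    if parts[1] == "UNKNOWN":  # proxy could not report the client address
        return None, payload
    if parts[1] not in ("TCP4", "TCP6") or len(parts) != 6:
        raise ValueError("malformed PROXY v1 header")
    src, dst = ipaddress.ip_address(parts[2]), ipaddress.ip_address(parts[3])
    want = 4 if parts[1] == "TCP4" else 6
    if src.version != want or dst.version != want:
        raise ValueError("address family does not match header")
    for port in parts[4:]:
        if not port.isdigit() or int(port) > 65535:
            raise ValueError("bad port")
    return src, payload


def is_allowed(data: bytes) -> bool:
    """Fail closed: no header, a bad header or an unknown source is rejected."""
    try:
        src, _ = parse_proxy_v1(data)
    except ValueError:
        return False
    return src is not None and any(src in net for net in ALLOWED_RANGES)


if __name__ == "__main__":
    # Constructed sample connections.
    for first_bytes in (
        b"PROXY TCP4 203.0.113.7 10.0.0.5 51234 80\r\nGET / HTTP/1.1\r\n\r\n",
        b"PROXY TCP4 198.51.100.9 10.0.0.5 51234 80\r\nGET / HTTP/1.1\r\n\r\n",
        b"GET / HTTP/1.1\r\n\r\n",
    ):
        print(is_allowed(first_bytes), first_bytes[:45])
```

The address in the header is only as trustworthy as the path it arrived on: this check is meaningful only if the backend port accepts connections solely from the load balancer, since any client that can reach the port directly can write its own `PROXY` line.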
