View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Cloud firewall and kubernetes
Log in to Ask a Question

Cloud firewall and kubernetes

We have a database server running on a normal Linode that is accessed from applications running in Kubernetes.

Is there a way to restrict access with the cloud firewall, without manually changing the rules whenever a kubernetes node gets recreated with either autoscaling or recycling when updating ?

As a stopgap, is there a published list of public IP ranges for a given datacenter ?

1 Reply

Linode Staff

It is important to note that we generally advise against setting static Cloud Firewall rules for LKE nodes, since autoscaling or recycling nodes in a pool can lead to new nodes with different IP addresses being allocated, which could poke holes in a security stance reliant on IP whitelisting.

If you haven't already seen this, one of our staff members wrote this very comprehensive post on the Community Questions site about the relative tradeoffs and limitations associated with using the Cloud Firewall product with LKE:

This other, unrelated post has some interesting strategies that potentially be adapted for your use-case:

Lastly, we are not able to disclose the IP ranges of our data centers, but the public IP ranges we own can be found in public databases. Here are a couple of resources that you may find useful:

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct