FR: Kubernetes Operator: ingress to an IP routable from cluster #12919
Labels
Comments
irbekrm
added
needs-triage
fr
irbekrm
added a commit
that referenced
this issue
Jul 28, 2024
… traffic to a single IP Add a new connector.spec.dnat field that can be used to route traffic to a single IP address reachable from cluster. This can be used to expose to tailnet a cloud service that can be reached from cluster and does not have a DNS name (cloud services that have DNS names can be exposed to tailnet using ExternalName Services, which is a probably preferable way.) Updates #12919 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jul 28, 2024
… traffic to a single IP Add a new connector.spec.dnat field that can be used to route traffic to a single IP address reachable from cluster. This can be used to expose to tailnet a cloud service that can be reached from cluster and does not have a DNS name (cloud services that have DNS names can be exposed to tailnet using ExternalName Services, which is a probably preferable way.) Updates #12919 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jul 28, 2024
… traffic to a single IP Add a new connector.spec.dnat field that can be used to route traffic to a single IP address reachable from cluster. This can be used to expose to tailnet a cloud service that can be reached from cluster and does not have a DNS name (cloud services that have DNS names can be exposed to tailnet using ExternalName Services, which is a probably preferable way.) Updates #12919 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jul 28, 2024
… traffic to a single IP Add a new connector.spec.dnat field that can be used to route traffic to a single IP address reachable from cluster. This can be used to expose to tailnet a cloud service that can be reached from cluster and does not have a DNS name (cloud services that have DNS names can be exposed to tailnet using ExternalName Services, which is a probably preferable way.) Updates #12919 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jul 29, 2024
… traffic to a single IP Add a new connector.spec.dnat field that can be used to route traffic to a single IP address reachable from cluster. This can be used to expose to tailnet a cloud service that can be reached from cluster and does not have a DNS name (cloud services that have DNS names can be exposed to tailnet using ExternalName Services, which is a probably preferable way.) Updates #12919 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What are you trying to do?
We already support exposing to tailnet non-public cloud services that are reachable from cluster via ExternalName Services. This works if the service has a DNS name that can be resolved from within the cluster. In some cases users have a service with relatively static IP, but no DNS name.
We could add another field to the
ConnectorCRD to allow ingress to a single IP, i.eThis can already be achieved today using a subnet router. However, that requires extra steps to deal with the overlap (4via6). We already have all the building blocks to implement this and if it provides better user experience it might be worth it.
cc @maisem
The text was updated successfully, but these errors were encountered: