How do I create a private cluster with limited access to public endpoint?

Oct 17 in GCP by anonymous
• 5,090 points

1 answer to this question.


When you create a private cluster, you must specify a /28 RFC 1918 address range to be used by the cluster master. The range you specify for the cluster master must not overlap with any subnetwork in your VPC network. After you create the cluster, you cannot change the cluster master's address range.

To create a private cluster using an automatically-generated subnet, run the following command:

gcloud container clusters create private-cluster-0 \
    --create-subnetwork name=my-subnet-0 \
    --enable-master-authorized-networks \
    --enable-ip-alias \
    --enable-private-nodes \
    --master-ipv4-cidr 172.16.0.0/28 \
    --no-enable-basic-auth \
    --no-issue-client-certificate

where:

  • --enable-master-authorized-networks specifies that access to the public endpoint is restricted to IP address ranges that you authorize.

  • --create-subnetwork name=my-subnet-0 causes GKE to automatically create a subnet named my-subnet-0.

  • --enable-ip-alias makes the cluster VPC-native.

  • --enable-private-nodes indicates that the cluster's nodes do not have external IP addresses.

  • --master-ipv4-cidr 172.16.0.0/28 specifies an RFC 1918 range for the master. This setting is permanent for this cluster.

For more info, check this out: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters

answered Oct 17 by Sirajul
• 36,220 points
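
Added example (not part of the original answer or of Google's documentation): because the master range cannot be changed after creation, this pre-flight check validates a proposed --master-ipv4-cidr value against the constraints stated above (a /28, inside RFC 1918, no overlap with existing subnets) and flags authorized-network entries that do not restrict anything. The subnet names and ranges in SAMPLE_SUBNETS are constructed sample data, and both function names are hypothetical.

```python
import ipaddress

# RFC 1918 private ranges the master range must fall inside.
RFC1918 = [ipaddress.IPv4Network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: subnet name -> primary range in the VPC network.
SAMPLE_SUBNETS = {"my-subnet-0": "10.8.0.0/22", "shared-services": "172.16.0.0/24"}


def check_master_cidr(master_cidr, vpc_subnets):
    """Return a list of problems with a proposed --master-ipv4-cidr value."""
    try:
        # strict=True rejects values with host bits set, e.g. 172.16.0.1/28
        master = ipaddress.IPv4Network(master_cidr, strict=True)
    except ValueError as exc:
        return [f"invalid IPv4 CIDR: {exc}"]
    problems = []
    if master.prefixlen != 28:
        problems.append(f"{master} is a /{master.prefixlen}, a /28 is required")
    if not any(master.subnet_of(r) for r in RFC1918):
        problems.append(f"{master} is not inside an RFC 1918 range")
    for name, cidr in vpc_subnets.items():
        if master.overlaps(ipaddress.IPv4Network(cidr)):
            problems.append(f"{master} overlaps subnet {name} ({cidr})")
    return problems


def check_authorized_networks(cidrs):
    """Flag authorized-network entries that do not actually limit access."""
    problems = []
    for cidr in cidrs:
        net = ipaddress.IPv4Network(cidr, strict=False)
        if net.prefixlen == 0:
            problems.append(f"{cidr} authorizes every IPv4 address")
    return problems


if __name__ == "__main__":
    for candidate in ("172.16.1.0/28", "172.16.0.0/28", "8.8.8.0/28"):
        print(candidate, check_master_cidr(candidate, SAMPLE_SUBNETS) or "ok")
    print(check_authorized_networks(["203.0.113.0/29", "0.0.0.0/0"]))
```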