Home > Software design >  Why use a TCP firewall rule with an external http load balancer?
Why use a TCP firewall rule with an external http load balancer?

Time:06-15

Question

I'm deploying an external HTTP load balancer for a Kubernetes cluster. What is the necessity for having a VPC firewall rule that allows TCP traffic on port 80?

Context

In preparation for the Google Cloud Platform Associate Cloud Engineer exam, I'm studying on CloudSkillsBoost. There is a challenge lab (enter image description here

CodePudding user response:

  1. The load balancer does not need or support firewall rules. Listening ports are defined by frontends. Optionally, there is Cloud Armor that can act as a firewall.

  2. A Kubernetes cluster starts as a collection of Compute Engine instances. That means you must allow traffic into the VPC to reach the instances. In your drawing, the load balancer is listening on port 80 and forwarding traffic to port 80. Therefore you need a firewall ingress rule to allow port 80 traffic.

Page link:https//www.codepudding.com/Softwaredesign/442109.html

Prev:Cannot make external API calls from application running inside a kubernetes pod
Next:MongoDB $switch case match with $regex
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding