Google Kubernetes Engine without going NAT with kubeIP!

Many applications need to be whitelisted by consumers based on source IP address, usually for security reasons. As of today, Google Kubernetes Engine doesn’t support assigning a static pool of addresses to a GKE cluster. Instead, it requires deploying a complex NAT-based solution, which is expensive, hard to maintain and needs a complex set of rules for load balancing and redundancy.

kubeIP is an attempt to solve this problem: it assigns static external IP addresses from a reserved address pool to GKE nodes, continually watches the Kubernetes API for new nodes, and applies changes accordingly.

kubeIP is written in Go and runs as a pod inside your GKE cluster without any modification to the cluster itself. Configuration is done via environment variables, which are exposed in kubeIP’s ConfigMap.

    apiVersion: v1
    data:
      KUBEIP_LABELKEY: "kubeip"
      KUBEIP_LABELVALUE: "my-gke-cluster-1"
      KUBEIP_NODEPOOL: "default-pool"
    kind: ConfigMap
    metadata:
      labels:
        app: kubeip
      name: kubeip-config
      namespace: default

kubeIP registers itself as a listener for Kubernetes cluster events. When a new node is created, kubeIP checks the reserved pool for a free static IP address (labeled with the name of your GKE cluster) and assigns it to the new node. If there are no addresses available, no action is taken.
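The selection step described above, modelled as an added example (not kubeIP's own code) so the "no address available" case is visible: a node that gets no reserved address will not match a consumer's source-IP whitelist. The types, function names and sample addresses are constructed for illustration, and ignoring nodes outside KUBEIP_NODEPOOL is an assumption.

```go
package main

import "fmt"

// Constructed stand-ins; these are not kubeIP's or Google Cloud's types.
type Address struct {
	IP     string
	Labels map[string]string
	InUse  bool // already attached to an instance
}
type Node struct{ Name, Pool string }

// Config mirrors the three ConfigMap keys shown above.
type Config struct{ LabelKey, LabelValue, NodePool string }

// pickAddress finds the first free address labelled for this cluster.
// Assumption: nodes outside cfg.NodePool are ignored.
func pickAddress(cfg Config, n Node, pool []Address) (int, bool) {
	if n.Pool != cfg.NodePool {
		return -1, false
	}
	for i, a := range pool {
		if !a.InUse && a.Labels[cfg.LabelKey] == cfg.LabelValue {
			return i, true
		}
	}
	return -1, false
}

// assignAll handles node events in order; skipped nodes got no static IP.
func assignAll(cfg Config, nodes []Node, pool []Address) (map[string]string, []string) {
	assigned, skipped := map[string]string{}, []string{}
	for _, n := range nodes {
		if i, ok := pickAddress(cfg, n, pool); ok {
			pool[i].InUse = true
			assigned[n.Name] = pool[i].IP
		} else {
			skipped = append(skipped, n.Name)
		}
	}
	return assigned, skipped
}

func main() {
	cfg := Config{"kubeip", "my-gke-cluster-1", "default-pool"}
	pool := []Address{ // constructed sample pool (documentation range)
		{"203.0.113.10", map[string]string{"kubeip": "my-gke-cluster-1"}, false},
		{"203.0.113.11", map[string]string{"kubeip": "other-cluster"}, false},
	}
	nodes := []Node{{"node-a", "default-pool"}, {"node-b", "default-pool"}}
	fmt.Println(assignAll(cfg, nodes, pool)) // node-b ends up in skipped
}
```

Sizing the reserved pool to the node pool's maximum size keeps the skipped list empty.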

To make deployment easier, we provide a Docker image of kubeIP on Docker Hub (docker pull doitintl/kubeip), or you can build it from source yourself by cloning the kubeIP GitHub repository.

Want more stories? Check our blog, or follow Aviv on Twitter.
