Istio 1.0.5 on k8s 1.11.5 unableto specify source ip for ELB

#1

Hello !
I need to specify the source ip and restrict the ip’s that are allowed to access my internal ELB on AWS.
Looks like k8s allows this by having the config like this

spec:
  loadBalancerSourceRanges:
  - "143.231.0.0/16"

I see there are ways to specify this in istio 1.1 but i cannot upgrade to 1.1 yet.
1 alternative i have is to directly modify my k8s config and add this spec . Please help

0 Likes

#2

If you are trying to prevent outside traffic into your ELB, use this annotation:

gateways:
  istio-ingressgateway:
    serviceAnnotations:
        service.beta.kubernetes.io/load-balancer-source-ranges: "143.231.0.0/16"
0 Likes

#3

thank you so much @blaketastic2 i will try it out

0 Likes