I've created a Kubernetes cluster using kops:

    kops create cluster \
      --dns-zone=vpc.abc.in \
      --master-zones=ap-southeast-1a,ap-southeast-1b,ap-southeast-1c \
      --zones=ap-southeast-1a,ap-southeast-1b,ap-southeast-1c \
      --node-count 3 \
      --topology private \
      --networking flannel-vxlan \
      --node-size=t2.medium \
      --master-size=t2.micro \
      ${NAME}

I'm using a private topology and an internal load balancer.
Whenever I create a service of type=LoadBalancer, it creates a public-facing ELB and the URL is publicly accessible.
I want to deploy Elasticsearch and Kibana and make them available only inside the VPN. We already have a VPN set up.
How do I make the service accessible within the VPN?
Add the following annotation to your service definition:

    service.beta.kubernetes.io/aws-load-balancer-internal: '"true"'

Full example:

    kind: Service
    apiVersion: v1
    metadata:
      name: my-service
      annotations:
        service.beta.kubernetes.io/aws-load-balancer-internal: '"true"'
    spec:
      selector:
        app: MyApp
      ports:
        - protocol: TCP
          port: 80
          targetPort: 9376
      type: LoadBalancer

This will provision an internal ELB rather than external.
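
To find Services that were created without this annotation, the following added example (not part of the original answer) audits the JSON from `kubectl get svc --all-namespaces -o json` and lists every `type: LoadBalancer` Service that does not request an internal ELB. The sample data, the service names in it and the function names are constructed for illustration, and the rule for which annotation values count as internal is an assumption noted in the code.

```python
import json
import sys

INTERNAL_ANNOTATION = "service.beta.kubernetes.io/aws-load-balancer-internal"

# Constructed sample shaped like `kubectl get svc --all-namespaces -o json`.
SAMPLE = {"items": [
    {"metadata": {"namespace": "logging", "name": "kibana"},
     "spec": {"type": "LoadBalancer"},
     "status": {"loadBalancer": {"ingress": [{"hostname": "kibana-elb.example.invalid"}]}}},
    {"metadata": {"namespace": "logging", "name": "elasticsearch",
                  "annotations": {INTERNAL_ANNOTATION: '"true"'}},
     "spec": {"type": "LoadBalancer"}, "status": {"loadBalancer": {}}},
    {"metadata": {"namespace": "default", "name": "my-service",
                  "annotations": {INTERNAL_ANNOTATION: "false"}},
     "spec": {"type": "LoadBalancer"}, "status": {}},
    {"metadata": {"namespace": "default", "name": "backend"},
     "spec": {"type": "ClusterIP"}},
]}


def is_internal(annotations):
    # Assumption: any non-empty value other than "false" requests an internal
    # ELB; check this against the cloud-provider version you run.
    value = (annotations or {}).get(INTERNAL_ANNOTATION, "")
    return value.strip().strip("'\"").lower() not in ("", "false")


def public_load_balancers(service_list):
    """Return LoadBalancer Services that lack the internal annotation."""
    findings = []
    for svc in service_list.get("items", []):
        meta = svc.get("metadata", {})
        if svc.get("spec", {}).get("type") != "LoadBalancer":
            continue
        if is_internal(meta.get("annotations")):
            continue
        ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
        findings.append({
            "service": f"{meta.get('namespace', 'default')}/{meta.get('name')}",
            "endpoints": [i.get("hostname") or i.get("ip") for i in ingress],
        })
    return findings


if __name__ == "__main__":
    # Pipe kubectl output in; with no input the constructed sample is used.
    raw = "" if sys.stdin.isatty() else sys.stdin.read()
    for f in public_load_balancers(json.loads(raw) if raw.strip() else SAMPLE):
        print(f"{f['service']}: no internal annotation, endpoints={f['endpoints']}")
```
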