I have a confusion. When i try to access the services like mysql that are externally hosted or outside the cluster, what will be the source address of the packet that are sent to mysql. To make it simple while creating user in mysql for the api to access it, how do i create it?
For example: CREATE USER 'newuser'@'IP or HOSTNAME' IDENTIFIED BY 'user_password';
What should be the IP? the pod IP or the host IP?
Is there any way through which if the pod is spawn in any node but it can authenticate against mysql?
Thank You
When accessing services outside the kubernetes cluster the source IP will be the regular IP of the node, the application is running on. So there is no difference if you run the application directly on the node ("metal") or inside a container. Kubernetes will select an appropriate node to schedule the container (pod) to, so this might change during the lifetime.
If you want to increase the security you should investigate TLS with mutual authentication in addition to the password. The source IP is not the best course of action for dynamic environments like cloud or kubernetes.