How to restrict network access to a loadBalancer service without ingress?

I have a service with type loadBalancer, which have loadBalancerSourceRanges ips.
but i can still access to the app behind this service from any ip i want.
I tried changing the NodeBalancer to use a proxy protocol, and added the Annotation " v1" To my service configmap.
but now i can't access the app at all.
in all the documentation i see the use of ingress and the instruction to add "use-proxy-protocol". but i don't use ingress. only this service type loadBalancer which have a NodeBalancer in lke.

How can i restrict the network access to my loadBalancer without usind ingress?

1 Reply

I can confirm that the ability to add a Cloud Firewall to your NodeBalancer is currently in development. However, this feature has not yet been released and I don't have an ETA to share.

With that in mind, we have some alternative documentation on securing your LKE cluster nodes using IP tables rules. However you need to leave certain ports open to allow for the management of the cluster.


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct