Is there a way to set nat on kubernetes nodes?

I have a kubernetes cluster. And I have a client that would like to whitelist IP addresses of my cluster. The problem is that the nodes are changing and the IPs are different. Is there a way to configure NAT or some sort of a single static IP that will be used for ALL outbound communication?

By nature of Kubernetes, although cluster Nodes will be administered new IP addresses when they recycle, NodeBalancers do not need to be created/destroyed and will have a static IP. For more information on how to setup a NodeBalancer as an LKE Ingress, be sure to check out the following guide:

Alternatively, you could setup a non-cluster Linode as a Router/NAT to serve as the static frontend of your cluster. This will require additional configuration than a NodeBalancer and some extra consideration since the more traffic your backend receives, the more CPU/RAM resources will be required to support the routing.

For information on setting up a router/forwarding, check out the following:

hi, this is for incoming traffic. Do you have a solution for outgoing traffic?

Hello , any updates on this issue , i am having the same problem .

I am having the same problem!

One potential solution mentioned in the answer in this post titled Static public IP addresses for egress traffic in LKE suggests:

"you could funnel egress to a Linode external of the cluster that could then act as a proxy. This external Linode could then forward the traffic from a static IP address providing the static source IP you are looking for."

You could potentially set up automatic allowlisting from this proxy using the Linode API. You'd need to retrieve a list of your nodes then GET each one and retrieve it's IP address. A requirement for this would be an unrestricted API token on the proxy instance which could be a security risk.

I also suggest checking out the Kubernetes Documentation on Network Policies if you haven't already.


