Comments (26)
I think this is a really needed feature. I am thinking of moving all my clusters from DO to AWS, as this has been in discussion for 4 years and yet there has been no action on this from DO's side.
from doks.
This is really important nowadays. Most people do not want to manage their NAT Gateways or make sure it's not a single point of failure. Any news on that?
from doks.
Hi, we need this too and want to know where we are with this.
from doks.
@rafaelrosafu Do you have any update on this?
from doks.
We would like to see this feature as well
from doks.
Would you be interested in a feature where you can pay to have staticIPs assigned to your nodes so that all your egress traffic keeps coming from the same IPs?
Do you mean a staticIP per node or some sort of gateway so multiple nodes can use the same IP for egress traffic? If it is the latter then yes. Ideally I should be able to scale the cluster up or down, without the IP changing.
from doks.
Yes please, no updates since Nov 2019, almost 4 years :)
from doks.
Hello, I'm the product manager for network at DO. Just to give some context, Nathan is right that we are working on improving how to make gateways at DO. Right now our private network has some limitations for that, and we are working to make it more flexible early next year. Unfortunately we won't have a fully managed NAT gateway right then, but we want to do so in the future; it's just a matter of time.
from doks.
For now it has this: https://github.com/digitalocean/k8s-staticroute-operator/
But it doesn't have any ideas for how to make it resilient or fault tolerant..
You can create a droplet and make it your egress gateway, but if this droplet goes down.. your egress traffic stops working..
from doks.
This feature is currently blocking me from using DOKS
from doks.
👋 Timo here from DO.
Thanks for all the feedback. We're aware that NAT egress gateway continues to be a frequent customer request. It is definitely on our roadmap, though we cannot speak to specific timelines. We do want to make sure that we nail the right customer experiences.
In the meantime, https://github.com/digitalocean/k8s-staticroute-operator may be an acceptable workaround. (Yes, we're aware it has a few gaps and doesn't serve all customers well.)
from doks.
Hey @klausenbusk you are correct that this is more of a general DO feature than k8s specific, but it is a feature that is currently on the product roadmap for the networking team. Timelines can shift dramatically, but I think they are targeting early 2020. Would you be interested in a feature where you can pay to have staticIPs assigned to your nodes so that all your egress traffic keeps coming from the same IPs?
from doks.
Do you mean a staticIP per node
Yes.
or some sort of gateway so multiple nodes can use the same IP for egress traffic
No, but perhaps you could set this up with a service mesh of some kind in conjunction with us creating a staticIP feature.
from doks.
VPC was just released, but we still need a NAT Gateway product.
from doks.
I need it!!
from doks.
@rafaelrosafu a year has nearly passed. Do you have any update on this?
from doks.
Hi @rafaelrosafu any update you can share?
from doks.
Any update on this? Thanks
from doks.
Any update? As soon as DO has a NAT gateway, I am migrating from AWS :)
from doks.
Not yet unfortunately, but we do realize it's a frequently requested feature. Will certainly be considered for roadmap planning.
from doks.
Much needed feature
from doks.
For now it would be great to at least enable such NAT in Cilium
from doks.
A NAT gateway is really necessary for VPC networking; it's blocking me from using DOKS
from doks.
I don't think NAT Gateway is planned in the near future; the best way to go about it is using crossplane. I deployed it for two of my clusters and so far it's working just fine. If you want to give it a try then you can follow the URL: https://github.com/digitalocean/k8s-staticroute-operator/
from doks.
It's unfortunate that this hasn't been added yet; I've been waiting for it since Kubernetes came out on DO.
While it would certainly be possible to manually create a gateway droplet and route egress traffic through it, it adds an additional point of failure for customers.
For SaaS companies to serve certain types of customers (think governments & large companies), providing said customers with a list of IPs that they must add to their allowlist is a hard requirement for them, and I have no doubt that the fact that this feature is not available is deterring smaller companies from using DigitalOcean specifically for that reason.
It would be very nice to have an estimate of when (or whether) this feature will be worked on.
Though I am sure there are more pressing matters at hand for DO, it would at least allow people to plan accordingly.
from doks.
@rafaelrosafu Any updates on this or at least a roadmap?
We have third-party services that require us to add IP addresses to their whitelist so we can use their API. We can't use a droplet as a gateway as this will be both a bottleneck and a point of failure. Currently we manually add the nodes' public IP addresses to the whitelist, but we are considering moving to another cloud provider that has this functionality.
from doks.