Score:1

GKE pods to other VPC peered instance not reachable


I've created a VPC-native GKE private cluster. My Pod address range is 10.20.0.0/16 and my Service address range is 10.26.1.0/16.

GKE is set up on the vpc-8 private subnet (100.17.8.0/24). I need to connect from a pod to remote instances which are on another VPC, i.e. vpc-2 (100.17.2.0/24, which is on a different cloud), but I am getting the error below:

curl: (7) Failed to connect to example.private.com port 443: Connection timed out

A tunnel is established between vpc-2 and vpc-8. All my instances are in private subnets. A vpc-8 instance is able to telnet to a vpc-2 private instance. But it's failing from GKE cluster pods, as the pods are using a different CIDR, 10.20.0.0/16.

Please suggest any routing or connectivity changes needed.

Score:2

I was able to fix this issue using an IP masquerade DaemonSet created in GKE.

REF: https://github.com/kubernetes-sigs/ip-masq-agent
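
A sketch of the ConfigMap that ip-masq-agent reads, added here as an example and not taken from the answer above. It assumes the agent DaemonSet runs in `kube-system` and that only the pod range and the node subnet from the question should keep pod source addresses; traffic to any other destination, including vpc-2 (100.17.2.0/24), is then source-NATed to the node's 100.17.8.0/24 address, which the tunnel already carries.

```yaml
# Added example: ip-masq-agent configuration (CIDRs taken from the question).
apiVersion: v1
kind: ConfigMap
metadata:
  name: ip-masq-agent
  namespace: kube-system        # assumption: agent deployed in kube-system
data:
  config: |
    # Destinations listed here are NOT masqueraded: the pod IP is preserved.
    # Everything else leaves the node with the node IP as source.
    nonMasqueradeCIDRs:
      - 10.20.0.0/16            # pod range, so pod-to-pod traffic keeps pod IPs
      - 100.17.8.0/24           # node subnet of vpc-8
    masqLinkLocal: false        # leave link-local (169.254.0.0/16) traffic unmasqueraded
    resyncInterval: 60s         # how often the agent reloads this file
```

With masquerading in place, firewall rules and logs on the vpc-2 side see node addresses rather than individual pod addresses, so per-pod attribution has to come from logs inside the cluster.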
