Recently, we explored Preserving the Source IP address on AWS Classic Loadbalancer and Istio’s envoy using the proxy protocol in our first Part. Continuing to the second part of this series, we will look at How can we apply IP whitelisting on the Kubernetes microservices! There are some microservices behind an internet-facing loadbalancer that we want to have limited access to, based on source IP address.
The environment took for implementing this scenario: This blog is divided into solution for Version 1.4 and 1.5/1.6 In Istio’s component called Mixer, you can apply IP whitelisting using Mixer Policy.
Therefore in precondition checks, we apply a policy to restrict and allow access to our microservices.