feat(firewall): Allow ssh connections from k8s secondary IPs (!95) · Merge requests · SwissTwins / vc-shared-services

Context

Adds k8s secondary ranges to ssh internal firewall rule. Allows pods and services to access ssh servers in the VPC.

Allows for the creation of an internal load balancer for login nodes.

Deploy shared services. Check the internal ssh rule:

# Assuming you are using the suggested workspace name
gcloud compute firewall-rules describe "$USER"-ssh-internal

It should have 4 source IP ranges. By default, they should be:

sourceRanges:
- 35.235.240.0/20
- 172.16.0.0/13
- 172.24.0.0/13
- 10.0.0.0/24