I have an EKS cluster that only allows private API access through another API located in a different VPC. Since there's only private connectivity between these VPCs, I'm trying to figure out if it's feasible to create a VPC Peering connection to the Kubernetes service load balancer. This would enable pods from one VPC to communicate with the services in the private API VPC. Any guidance on setting this up would be really appreciated!
3 Answers
To connect these two VPCs, you can use either PrivateLink or VPC Peering. VPC Peering is a straightforward solution. Just set up the peering connection and update your route tables accordingly to enable communication between VPC A (your EKS) and VPC B (the other API). Don't forget to adjust the security groups on your K8s load balancer to allow traffic from VPC B!
PrivateLink is also an option, but it might be pricier compared to VPC Peering. It can provide a more secure connection by using endpoints. If you're considering this route, check the AWS documentation for detailed setup instructions.
You can create a VPC peering connection between the two VPCs. However, keep in mind that VPC peering operates at the IP level, so you'll need to ensure that you have the correct IP address for the Kubernetes load balancer. Alternatively, you might consider opening up a range of IPs between the VPCs if that's simpler for your setup. Just be cautious about security implications!
That's a good point! It might be easier to find the specific IP and manage it rather than opening everything up.
Great tip! Just remember to double-check your security settings to avoid any holes.