Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for Assigning Static IP Addresses to Worker Nodes in EKS Anywhere #9061

Open
jpgf07 opened this issue Dec 10, 2024 · 4 comments
Open

Support for Assigning Static IP Addresses to Worker Nodes in EKS Anywhere #9061

jpgf07 opened this issue Dec 10, 2024 · 4 comments

Comments

@jpgf07
Copy link

jpgf07 commented Dec 10, 2024
edited
Loading

What would you like to be added:
Provide the ability to assign static IP addresses to worker nodes in EKS Anywhere clusters via the cluster configuration file. This feature would enable more precise control over networking at the node level, supporting scenarios where specific workloads require fixed IP addresses for outgoing traffic management or integration with external systems.

Why is this needed:
This feature is essential for enabling precise control over networking and ensuring compatibility with systems that rely on predictable IP behavior. Here are the key reasons why this is needed:

Support for Traffic Management and Security Policies:
Many organizations require outgoing traffic to originate from a specific, whitelisted IP address to meet security or compliance requirements. Without the ability to assign static IP addresses to worker nodes, it becomes challenging to enforce such policies.
Istio Egress Gateway Use Case:

When deploying an Istio Egress Gateway, the outgoing traffic is typically routed through a specific node. If the IP address of that node is dynamic, it can disrupt traffic policies or whitelisting requirements.
Static IP assignment would ensure that the node running the Egress Gateway always has a predictable IP address, simplifying external integrations.
Simplifies EKS-A Networking Operations:

The current alternative, using DHCP reservations or external networking tools, is cumbersome and operates outside of the EKS Anywhere declarative model.
Allowing static IP assignment directly in the EKS-A configuration would centralize networking configurations, reduce operational complexity, and improve portability.
Improved Compatibility with External Systems:

Many external systems (e.g., firewalls, APIs, or third-party services) require specific IPs to be whitelisted for communication. Predictable worker node IPs are critical to maintain stable connectivity with such systems.
Operational Efficiency:

Without this feature, users must rely on external network administrators or complex automation workflows to assign IPs to nodes. By integrating this capability into EKS Anywhere, users can streamline cluster deployment and management processes.
Real-World Scenarios:

Beyond Istio, this is also relevant for workloads like:
Hosting applications that require dedicated IP addresses for licensing or authentication.
Managing workloads with strict geo-IP requirements or compliance needs.
Simplifying debugging by providing consistent, known IPs for specific nodes.
@2ez4szliu
Copy link
Member

Hi @jpgf07, can I ask which provider do you want this feature for? Thanks!

@jpgf07
Copy link
Author

jpgf07 commented Dec 11, 2024 via email

@vivek-koppuru
Copy link
Member

Thank you for submitting your issue! This is something that we will be considering in our roadmap.

@vivek-koppuru vivek-koppuru mentioned this issue Dec 11, 2024
Open
@jpgf07
Copy link
Author

jpgf07 commented Dec 13, 2024 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@2ez4szliu @vivek-koppuru @jpgf07