Apply annotations for load balancer on GCP for source IP firewall rules on GKE
If you are asking about the capability to whitelist firewalls using the 'loadBalancerSourceRanges' parameter, the service.beta.kubernetes.io/load-balancer-source-ranges
annotation is supported and often used on GCP.
Here is an example LoadBalancer service with defined source ranges:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: example-loadbalancer
  annotations:
    service.beta.kubernetes.io/load-balancer-source-ranges: "172.0.0.0/8, 10.0.0.0/8"
spec:
  type: LoadBalancer
  ports:
    - protocol: TCP
      port: 8888
      targetPort: 8888
```
Unlike Network Load Balancing, access to TCP Proxy Load Balancing cannot be controlled by using firewall rules. This is because TCP Proxy Load Balancing is implemented at the edge of the Google Cloud and firewall rules are implemented on instances in the data center.

Useful documentation: gcp-external-load-balancing, load-balancing.
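An added example, not part of the original answer: a Python check that parses the annotation value from the manifest above, reports any range that reaches beyond RFC 1918 private space, and tests whether a client address falls inside the listed ranges. The function names and the sample client addresses are assumptions made for illustration.

```python
import ipaddress

# Annotation value copied from the example Service manifest above.
ANNOTATION = "service.beta.kubernetes.io/load-balancer-source-ranges"
ANNOTATIONS = {ANNOTATION: "172.0.0.0/8, 10.0.0.0/8"}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_source_ranges(value):
    """Split the comma-separated annotation value into network objects."""
    ranges = []
    for item in value.split(","):
        item = item.strip()
        if item:
            # strict=False masks off host bits; a malformed CIDR raises ValueError.
            ranges.append(ipaddress.ip_network(item, strict=False))
    return ranges


def audit(ranges):
    """Return (cidr, finding) pairs for ranges wider than intended private space."""
    findings = []
    for net in ranges:
        if net.prefixlen == 0:
            findings.append((str(net), "open to every source address"))
        elif not any(net.version == r.version and net.subnet_of(r) for r in RFC1918):
            findings.append((str(net), "includes addresses outside RFC 1918"))
    return findings


def is_in_ranges(client_ip, ranges):
    """True when the client address is covered by at least one listed range."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in ranges)


if __name__ == "__main__":
    ranges = parse_source_ranges(ANNOTATIONS[ANNOTATION])
    for cidr, finding in audit(ranges):
        print(f"{cidr}: {finding}")
    # Constructed sample client addresses.
    for ip in ("10.20.30.40", "172.200.1.1", "192.168.1.5"):
        print(ip, "allowed" if is_in_ranges(ip, ranges) else "blocked")
```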