1

What I have currently..

... is an application with a microservices architecture, where the different services communicate with a gateway through GRPC, with the gateway serving REST endpoints.

I'm deploying this system on GCP. Currently, each service has a docker image with a GKE workload. So, each service is exposed with a public IP address and port. The gateway is also a Docker image on GKE, exposed with a public IP and port.

What I want...

... is the deployment to mirror my local deployment where each service communicates with the gateway through 127.0.0.1:{PORT}, and only the gateway uses a public IP and port. What I hope to achieve is to restrict access to the services except through the gateway.

How can I get this done?

NOTE: I still want the services as separate Git repositories, so, having separate Dockerfiles/docker images.

Chidi Williams
  • 111
  • 2

1 Answers1

0

Regarding information provided I assume your "services" using dockerfiles are pods. Pods don't have external IP addresses.

You can use a Load Balancer with Ingress to add an external IP for the gateway pod. For other pods, use clusterIP service so that they are only exposed within the cluster and it allows you to specify what kind of service you want.

Milad Tabrizi
  • 327
  • 1
  • 7