Description:
Create Alias IPs for the node network CIDR range in order to subsequently configure IP-based policies and firewalling for pods. A cluster that uses Alias IPs is called a 'VPC-native' cluster.
Rationale:
Using Alias IPs has several benefits:
You cannot currently migrate an existing cluster that uses routes for Pod routing to a cluster that uses Alias IPs.
Cluster IPs for internal services remain only available from within the cluster. If you want to access a Kubernetes Service from within the VPC, but from outside of the cluster, use an internal load balancer.
Use of Alias IPs cannot be enabled on an existing cluster. To create a new cluster using Alias IPs, follow the instructions below.
Using Google Cloud Console
Using Command Line
To enable Alias IP on a new cluster, run the following command:
gcloud container clusters create [CLUSTER_NAME] \
  --zone [COMPUTE_ZONE] \
  --enable-ip-alias
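Because Alias IPs cannot be turned on after creation, it helps to find which existing clusters are still routes-based. The following audit check is an added example, not part of the original benchmark text. It assumes its input is the output of `gcloud container clusters list --format=json` and reads the `ipAllocationPolicy.useIpAliases` field; the sample data and the function name are constructed for illustration.

```python
import json
import sys

# Constructed sample, shaped like `gcloud container clusters list --format=json`.
SAMPLE = """
[
  {"name": "prod-vpc-native", "location": "us-central1-a",
   "ipAllocationPolicy": {"useIpAliases": true}},
  {"name": "legacy-routes", "location": "us-central1-a",
   "ipAllocationPolicy": {"useIpAliases": false}},
  {"name": "no-policy", "location": "europe-west1-b"}
]
"""


def routes_based_clusters(clusters_json):
    """Return sorted (name, location) pairs for clusters not using Alias IPs.

    A cluster passes only when ipAllocationPolicy.useIpAliases is literally
    true; a missing policy, an empty policy, or false are all reported.
    """
    findings = []
    for cluster in json.loads(clusters_json):
        policy = cluster.get("ipAllocationPolicy") or {}
        if policy.get("useIpAliases") is not True:
            findings.append((cluster.get("name", "<unnamed>"),
                             cluster.get("location", "<unknown>")))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python check_alias_ip.py clusters.json
    # With no argument, the constructed sample above is checked instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            data = fh.read()
    else:
        data = SAMPLE
    findings = routes_based_clusters(data)
    for name, location in findings:
        print(f"FAIL {name} ({location}): Alias IPs not enabled; "
              "must be recreated as a VPC-native cluster")
    # Non-zero exit lets a CI job or scheduled audit fail on any finding.
    sys.exit(1 if findings else 0)
```
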