Connecting to services from external clients

Use Mesh to connect client applications that run on non-Kubernetes infrastructure to services over the Mesh network segment. After you connect the external client application, you can use the Topology view to monitor traffic and visualize relationships between the external client and the other Mesh resources in the network segment.

External clients

An external client is a client application that operates outside of a Kubernetes cluster but can connect to services within a Mesh network segment. External clients can operate in non-Kubernetes environments such as VMs, mainframes, and bare metal servers.

For example, Mesh can enable a front-end application that runs on a VM in an on-premises environment to connect to a backend service that runs on a cloud-based Kubernetes cluster. You don’t need to migrate your existing client applications to Kubernetes to enable them to connect to services over the Mesh network segment.

Configuring access from external clients

Configure external client access by completing the following steps:
  1. Install and configure a Kubernetes cluster in the same VPC or local network as the external client.
  2. Deploy the Mesh gateway on the cluster. During deployment, enable external client access and specify the IP addresses that the gateway can assign to services that are exposed at this gateway.
  3. Create a connection policy for the service that you want to expose to the external client.

    When external client access is enabled and a service is exposed at the gateway by a policy, the gateway assigns an available IP address to the service. A service entry point, which is the IP address and port on the local network that external clients use to connect to a service, is created in Mesh automatically.

  4. Update the external client to use the service entry point.