Awesome article.
I have a different use case.
Let’s say my service is NGINX and we are creating a K8s SERVICE and INGRESS on top of Gatekeeper. But I want the pods running in the cluster to use this NGINX without any authentication, but all the traffic which is coming from outside should be proxied via GATEKEEPER.
Is there a way to whitelist the traffic which is within the cluster? We can create a service on top of NGINX but not the INGRESS, but someone who has access to the cluster can port-forward it.