If you are using Ingress on your Kubernetes cluster it is possible to restrict access to your application based on dedicated IP addresses. One possible use case would be that you have a development setup and don't want to make all the fancy new features available to everyone, especially competitors. In such cases, IP whitelisting to restrict access can be used .This can be done with specifying the allowed client IP source ranges through the `ingress.kubernetes.io/whitelist-source-range` annotation. The value is a comma separated list of CIDR block, e.g. 10.0.0.0/24,126.96.36.199/32.
If you want to set a default global set of IPs this needs to be set in the config of the ingress-controller. In the example below we use the NGINX ingress-controller and could set that default value in the config-map used for the ingress-controller. The global value can be overwritten using annotation in the Ingress rule. Please note that not all ingress-controllers support whitelisting, please check the documentation of the ingress-controller you're using.