I have a basic network setup with k8s cluster containing worker pods that have to read from meters contained within another network:
My question is, how to set up policy based ipsec tunnel from k8s network to on premise one in such a way that all worker pods can access meters in on premise network. i've searched internet but there is very little in the matter of clear tutorials of how to set something like this up (besides IBM one that sadly just says to download helm chart, and doesn't support ca cert ikev2 authentication that i use)
Service mesh is often used for this type of in-cluster to machine connectivity. Products like consul were created to solve this problem. You can run agents on each of your "meters" hosts, and they are able to access the service mesh natively.
I think istio can tackle this as well.