Project author: bowei

Project description:
How to add custom iptables rules to a Kubernetes cluster
Primary language: Shell
Project URL: git://github.com/bowei/k8s-custom-iptables.git
Created: 2017-04-17T23:40:21Z
Project community: https://github.com/bowei/k8s-custom-iptables

License: Apache License 2.0

k8s-custom-iptables

An example of how to add custom iptables rules to a Kubernetes cluster.
This collection of scripts creates a NAT (MASQ) rule for outbound traffic
to the CIDR range(s) passed to the script in TARGETS.

Installing rules into the cluster.

Install the daemonset that configures the cluster to NAT an IP range.

    TARGETS="1.2.3.4/24 4.5.6.7/16" ./install.sh

Uninstall rules from the cluster.

Uninstall the iptables rules from the cluster.

    ./uninstall.sh

Configuring

The ranges to NAT are configured in the k8s-custom-iptables ConfigMap.
Values can be changed via kubectl edit cm/k8s-custom-iptables:

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: k8s-custom-iptables
    data:
      nat.rules: "10.0.0.0/24 192.168.0.0/16"
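
A value placed in TARGETS or nat.rules ends up in NAT rules on every node, so it is worth checking before it is applied. The following is an added example, not code from the k8s-custom-iptables repository; the function names cidr_network and normalize_targets are hypothetical. It rejects malformed IPv4 CIDRs and warns when host bits are set, because iptables applies the prefix mask and an entry such as 1.2.3.4/24 selects all of 1.2.3.0/24.

```sh
#!/bin/sh
# Added example (not from the k8s-custom-iptables repo): check a TARGETS /
# nat.rules value before applying it. Function names are hypothetical.

# cidr_network CIDR -> prints canonical network/prefix; returns 1 if malformed.
cidr_network() {
  _addr=${1%/*}; _len=${1#*/}
  [ "$_addr/$_len" = "$1" ] || return 1              # exactly one "addr/len"
  case "$_len" in [0-9]|[1-9][0-9]) ;; *) return 1 ;; esac
  [ "$_len" -le 32 ] || return 1
  case "$_addr" in *[!0-9.]*|*.) return 1 ;; esac    # digits and dots only
  _ifs=$IFS; IFS=.; set -- $_addr; IFS=$_ifs         # split into octets
  [ $# -eq 4 ] || return 1
  for _o in "$@"; do
    # 1-3 digits, no leading zero (would otherwise be read as octal below)
    case "$_o" in [0-9]|[1-9][0-9]|[1-9][0-9][0-9]) ;; *) return 1 ;; esac
    [ "$_o" -le 255 ] || return 1
  done
  _ip=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
  _mask=$(( (0xFFFFFFFF << (32 - _len)) & 0xFFFFFFFF ))
  _net=$(( _ip & _mask ))
  echo "$(( _net >> 24 & 255 )).$(( _net >> 16 & 255 )).$(( _net >> 8 & 255 )).$(( _net & 255 ))/$_len"
}

# normalize_targets "CIDR CIDR ..." -> prints the canonical list on stdout.
# Exit status 1 if any entry is malformed or the list is empty; host bits
# only produce a warning on stderr. The body runs in a subshell so that
# disabling globbing (set -f) does not leak into the caller.
normalize_targets() (
  set -f
  _out=; _rc=0
  for _t in $1; do
    if _n=$(cidr_network "$_t"); then
      [ "$_n" = "$_t" ] || echo "warn: $_t has host bits set, matches $_n" >&2
      _out="${_out:+$_out }$_n"
    else
      echo "error: '$_t' is not an IPv4 CIDR" >&2; _rc=1
    fi
  done
  [ -n "$_out" ] || _rc=1
  echo "$_out"
  exit "$_rc"
)
```

Sourcing the file and running normalize_targets "$TARGETS" before install.sh, or on a new nat.rules string before kubectl edit, prints the ranges the rules will actually match.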

Creating and pushing the image.

    REGISTRY=gcr.io/my-registry make