© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Still not clear to me. Currently, devstack is setting up a port in br-int so that traffic can be send from the host to the pod network, which I suppose is something similar to what you are proposing here.
My main concern/doubt here is that I fail to see how this works for E/W traffic (not node to pod, but pod to pod). If we have a pod (let's say subnet 10.0.1.0/24) trying to reach a Cluster IP service (172.30.0.0/16, still neutron private subnet, connected to the router-pod), and then its endpoints (in a third network 10.0.2.0/24), I don't see where kubeproxy applies the iptables rules, as the traffic is not suppose to leave the ovs/ovn overlay