Comment 2 for bug 1981405
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to stx-puppet (master) | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 638e2292b522569
Author: Jorge Saffe <email address hidden>
Date: Tue Jul 12 02:33:19 2022 -0400
Apply NAT on k8s outgoing pkgs for all protocols
By default the platform firewall for kubernetes traffic
is configured to apply NAT on outgoing traffic generated
inside the K8s cluster only for TCP ports.
The outgoing traffic of other protocolos (e.g. UDP, ICMP)
are leaving the system without NAT. When the traffic is
generated on workers nodes the packages leaves the system
with the internal management IP address.
Test Plan:
----------
PASS: CENTOS Standard fresh install.
PASS: Verify that the iptables "Kubernetes post-routing
rule" is updated to accept all protocols.
PASS: Verify src IP of outgoing traffic of UDP protocol
from worker nodes (e.g. sending SNMP traps).
Closes-Bug: 1981405
Signed-off-by: Jorge Saffe <email address hidden>
Change-Id: Id6d9465f318a83