
route kubernetes pod outgoing traffic for a specific IP and port

We have a pod which is trying to reach an IP (192.168.xx.xx) which is outside the Kubernetes cluster. The IP it's trying to reach is the internal IP of an external entity which can normally be reached only using the external IP (10.110.xx.xx).
We have defined the routes (using iptables) on the worker/master nodes to redirect the internal IP to the external one. This redirect works fine at the worker/master host level, but the Kubernetes pod does not use these. Is there a way to implement this at the pod level as well, or to make the pod use the routes from the host? (I know using hostNetwork in the pod is an option, but unfortunately we can't use it.)
The iptables rules are updated like below:

iptables -t nat -A OUTPUT -p tcp -d 192.168.xx.xx -j DNAT --to-destination 10.110.xx.xx
iptables -t nat -A OUTPUT -p tcp -d 192.168.xx.xx --dport 10550 -j DNAT --to-destination 10.110.xx.xx:10550

The answer is probably "yes but it's really complicated". This would depend deeply on your CNI plugin and how it works. There's no single standard for how pod networks are allocated or configured. You could probably do it via a privileged init container? But if you break your CNI, you get to keep all the pieces.
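
An added example (not part of the original question or answer) of the init-container approach mentioned above: the nat OUTPUT chain only matches packets generated inside the same network namespace, so the rule from the question is applied inside the pod's namespace, which init containers share with the application container. The pod name and both image references are placeholders, the addresses are masked exactly as on the page, and the capability set is an assumption that replaces full `privileged: true` with the narrower set iptables needs.

```yaml
# Added example: apply the question's DNAT rule in the pod's own network namespace.
apiVersion: v1
kind: Pod
metadata:
  name: dnat-example                     # hypothetical name
spec:
  initContainers:
    - name: add-dnat
      # Placeholder: any image that ships the iptables binary.
      image: registry.example/iptables-tools:placeholder
      # Same rule as in the question; addresses are masked as on the page
      # and must be replaced with the real internal/external IPs.
      command:
        - iptables
        - -t
        - nat
        - -A
        - OUTPUT
        - -p
        - tcp
        - -d
        - 192.168.xx.xx
        - --dport
        - "10550"
        - -j
        - DNAT
        - --to-destination
        - 10.110.xx.xx:10550
      securityContext:
        runAsUser: 0                     # iptables needs root inside the container
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
          # NET_ADMIN to edit netfilter rules; NET_RAW because the legacy
          # iptables backend opens a raw socket. Nothing else is granted.
          add: ["NET_ADMIN", "NET_RAW"]
  containers:
    - name: app
      image: registry.example/app:placeholder   # placeholder for the real workload
      securityContext:
        # The workload itself keeps no capabilities, so it cannot alter the rule.
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
```

Adding NET_ADMIN is rejected by the Pod Security Standards baseline profile, so the namespace needs an explicit exemption for this pod. A CNI plugin or service mesh that manages its own rules in the pod namespace can conflict with the added rule.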

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.

 