Why my Kubernetes pod network traffic does not go through the iptables NAT table?
Question
我需要在 K8s pod 中根据某些条件将 iptables 规则写入 SNAT 数据包,但网络流量永远不会通过 NAT 表
1 answers
solution1
1 2022-05-18 12:24:06
Why my Kubernetes pod network traffic does not go through the iptables NAT table?
Ans :
Because Kubernetes Dictates so to all CNI. Following is from Kubernetes Documentation
Kubernetes imposes the following fundamental requirements on any networking
implementation (barring any intentional network segmentation policies):
- pods on a node can communicate with all pods on all nodes without NAT
- agents on a node (e.g. system daemons, kubelet) can communicate with all pods on
that node.
Note: For those platforms that support Pods running in the host network
(e.g. Linux):
- pods in the host network of a node can communicate with all pods on all nodes
without NAT
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Analyse kubernetes pod network traffic
Kubernetes: Allow pod egress network traffic
Kubernetes Network Policy stops all traffic to Pod
Why when I restart a pod in Kubernetes does the service I have in my container go down?
Kubernetes (EKS) - monitor traffic to pod or through a service
How to block traffic to a Kubernetes pod without using network policies
Does a pod pass through service for outbound traffic?
Is it possible to route traffic through a pod with a OpenVPN and a Nginx reverse proxy in Kubernetes?
Why Kubernetes is not attaching my secret into my pod?
Iptables error prevents Pod starting in Kubernetes
Related Tags