bowei / k8s-custom-iptables

How to add custom iptables rules to a Kubernetes cluster
Apache License 2.0

errors in the logs after installing 2 contiguous cidr ranges #4

Open dylanscott opened 6 years ago

dylanscott commented 6 years ago

I don't know if this was actually causing any problems but I noticed the logs for the k8s-custom-iptables pods had errors every time the configuration was being printed after I installed it with 2 CIDR ranges. I ran

TARGETS="10.0.0.0/29 10.0.0.8/29" ./install.sh

(These were the two ranges printed out by two Cloud Memorystore instances - I was following this documentation). In the logs I was getting:

[Screenshot: screen shot 2018-05-18 at 9 39 40 am]

This went away after I reconfigured to combine the blocks into 10.0.0.0/28

bvanhoekelen commented 6 years ago

We also got this problem and fixed it by adding a comma (,).

Solution

TARGETS="10.0.0.0/29,10.0.0.8/29" ./install.sh

Verification

To verify this approach, log in to the VM instance in the gcloud console (GCP > Compute Engine > VM instances > SSH) and run:

sudo iptables -L -t nat | grep "custom-iptables"

You should see:

MASQUERADE  all  --  anywhere             10.0.0.0/29          /* custom-iptables-1537539514: 10.0.0.0/29,10.0.0.8/29 */
MASQUERADE  all  --  anywhere             10.0.0.8/29          /* custom-iptables-1537539514: 10.0.0.0/29,10.0.0.8/29 */

sudermanjr commented 5 years ago

I can also verify that the solution above works.
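
The following is an added example, not part of the thread or of the project's own code: shell helpers that put TARGETS into the comma-separated form reported to work above and check `iptables -L -t nat` output for one MASQUERADE rule per range. The function names are hypothetical, and the sample rules are the two lines quoted in the thread.

```shell
#!/bin/sh
# Hypothetical helpers (not from k8s-custom-iptables).

# Shape check only: four dotted groups and a /0-32 prefix.
CIDR_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'

# Accept a space- or comma-separated list and print it comma-separated.
# Fails if the list is empty or any entry is not an IPv4 CIDR.
normalize_targets() {
    list=$(printf '%s\n' "$1" | tr -s ', ' '\n\n' | sed '/^$/d')
    [ -n "$list" ] || { echo "no targets given" >&2; return 1; }
    bad=$(printf '%s\n' "$list" | grep -Ev "$CIDR_RE" || true)
    if [ -n "$bad" ]; then
        echo "invalid CIDR: $bad" >&2
        return 1
    fi
    printf '%s\n' "$list" | paste -sd, -
}

# Read `iptables -L -t nat` output on stdin and print every range from the
# normalized list ($1) that has no custom-iptables MASQUERADE rule.
missing_targets() {
    rules=$(cat)
    for cidr in $(printf '%s' "$1" | tr ',' ' '); do
        printf '%s\n' "$rules" |
            awk -v c="$cidr" '
                $1 == "MASQUERADE" && $5 == c && /custom-iptables/ { found = 1 }
                END { exit !found }' || printf '%s\n' "$cidr"
    done
}

# Sample input: the two rule lines quoted in the thread.
sample_rules() {
    cat <<'EOF'
MASQUERADE  all  --  anywhere             10.0.0.0/29          /* custom-iptables-1537539514: 10.0.0.0/29,10.0.0.8/29 */
MASQUERADE  all  --  anywhere             10.0.0.8/29          /* custom-iptables-1537539514: 10.0.0.0/29,10.0.0.8/29 */
EOF
}

# Usage on a node (not run here):
#   TARGETS="$(normalize_targets "10.0.0.0/29 10.0.0.8/29")" ./install.sh
#   sudo iptables -L -t nat | missing_targets "10.0.0.0/29,10.0.0.8/29"
```

An empty result from `missing_targets` means every listed range has its own rule; any range it prints is not being masqueraded.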