search

kubernetes-sigs / ip-masq-agent

Manage IP masquerade on nodes
Apache License 2.0
217 stars 70 forks source link

use capabilities instead of privileged #37

Closed BenTheElder closed 5 years ago

BenTheElder commented 5 years ago

fixes #28

I looked around and as far as i can tell you need CAP_NET_ADMIN and CAP_NET_RAW to manage iptables. This works in https://github.com/kubernetes-sigs/kind/pull/500

k8s-ci-robot commented 5 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: BenTheElder, MrHohn

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-incubator/ip-masq-agent/blob/master/OWNERS)~~ [MrHohn] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment