nftables of our transparent proxy

kumahq / kuma

🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.

https://kuma.io/install

Apache License 2.0

3.63k stars 331 forks source link

nftables of our transparent proxy #8293

Open lahabana opened 11 months ago

lahabana commented 11 months ago

Description

nftables are more and more popular. We should have a version of the transparent proxy that works with nftables and use this in priority.

michaelbeaumont commented 11 months ago

https://github.com/kubernetes-sigs/iptables-wrappers might be of use here?

lahabana commented 6 months ago

Using iptables-nft seems to be sufficient. Closing this as not to be done

bartsmykla commented 3 months ago

iptables-nft is deprecated in RHEL 9 and is likely to be removed entirely in the next major release (Ref. https://access.redhat.com/solutions/6739041). This means we need to migrate our transparent proxy configuration to use nftables sooner than later.

github-actions[bot] commented 3 months ago

Removing closed state labels due to the issue being reopened.

lahabana commented 2 weeks ago

@bartsmykla what we should do here?