Add defaultRouteToVpc and extraContainerRoutes opt

mattmb commented 6 years ago

defaultRouteToVpc allows you to set the default route in the container namespace to the VPC router. This is useful for AWS networks that don't assign public IPs to their instances and rely on NAT boxes listed in the VPC route table. Or if you happen to have other networks reachable from the VPC route table.
extraContainerRoutes allows you to add extra routes in the container that route back to the host via the veth pair. This is useful if you have things listening on the host namespace but have updated the default route to go via the VPC router (as above).

mattmb commented 6 years ago

I need to do some more testing with this but I think it works for us. Opening this early for visibility. If you like it I'll update the docs etc.

Please excuse any poor style: I'm a bit of a Go newbie

mattmb commented 6 years ago

Looking at the open PRs this is kinda similar to https://github.com/lyft/cni-ipvlan-vpc-k8s/pull/48 but rather than pulling the routes we want from the VPC route table I'm just saying the default is everything goes there.

lyft / cni-ipvlan-vpc-k8s

Add defaultRouteToVpc and extraContainerRoutes opt #55