I was looking into using the VPC CNI plugin with ipMasq disabled so our traffic goes out via each ethX rather than host eth0 (VPC traffic + 0.0.0.0/0).
From the looks of it when ipMasq gets disabled the pods lose egress to non-VPC CIDRs. I assume that is expected. From the readme i found that this config flag aws added to hadnle kube2iam case? In our org we do not run kube2iam and we are restricting access to the metadata endpoint by other means.
Any future plans to support this mode of operating?
I was looking into using the VPC CNI plugin with ipMasq disabled so our traffic goes out via each ethX rather than host eth0 (VPC traffic + 0.0.0.0/0).
From the looks of it when ipMasq gets disabled the pods lose egress to non-VPC CIDRs. I assume that is expected. From the readme i found that this config flag aws added to hadnle kube2iam case? In our org we do not run kube2iam and we are restricting access to the metadata endpoint by other means.
Any future plans to support this mode of operating?