search

rootless-containers / usernetes

Kubernetes without the root privileges
https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2033-kubelet-in-userns-aka-rootless
Apache License 2.0
865 stars 58 forks source link

kube-proxy: change mode from userspace to iptables #238

Closed AkihiroSuda closed 2 years ago

AkihiroSuda commented 3 years ago

Reopen https://github.com/rootless-containers/usernetes/pull/194

Fix #185

AkihiroSuda commented 3 years ago

10.0.0.53 works on pods on my local Ubuntu host, but does not work on pods on Fedora CI.

But nsenter --preserve-credentials -U -n -m -t $(pgrep kube-proxy) nslookup dnstest-0.dnstest.default.svc.cluster.local 10.0.0.53 works.

EDIT: modprobe br_netfilter seems needed