Closed lknite closed 2 years ago
If this is the right fix, https://github.com/suda/charts/issues/5, then I'd like to request adding an init container section to the deploy template.
Thought I'd try to make an image with ip_forward enabled and tried the following:
$ cat Dockerfile
FROM kylemanna/openvpn
RUN sysctl net.ipv4.ip_forward
$ docker build .
...
Status: Downloaded newer image for kylemanna/openvpn:latest
---> 3d5a3627a7f6
Step 2/2 : RUN sysctl net.ipv4.ip_forward
---> Running in d59cb767b325
net.ipv4.ip_forward = 1
Seems the kylemanna/openvpn has ip_forward enabled by default ... so how is it being disabled? https://kubernetes.io/docs/reference/config-api/kubelet-config.v1beta1/ ? allowedUnsafeSysctls ?
Though ip_forward was enabled in the container by default, it seems Kubernetes was disabling it. Adding an init container to enable it worked. See the workaround here: https://github.com/suda/charts/issues/5
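The init-container workaround described in this thread, sketched as a manifest. This is an added example, not the chart's template and not copied from the linked issue; the resource names, the busybox image and the 1194/UDP port are assumptions.

```yaml
# Added example; names, init image and port are assumed, not taken from the chart.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openvpn
spec:
  replicas: 1
  selector:
    matchLabels:
      app: openvpn
  template:
    metadata:
      labels:
        app: openvpn
    spec:
      # Option A: privileged init container. It shares the pod's network
      # namespace, so the value it writes is the one the openvpn container sees.
      initContainers:
        - name: enable-ip-forward
          image: busybox:1.36
          command: ["sysctl", "-w", "net.ipv4.ip_forward=1"]
          securityContext:
            privileged: true   # writable /proc/sys; the container exits before the VPN starts
      # Option B (use instead of A): have the kubelet set the sysctl, with no
      # privileged container. Requires allowedUnsafeSysctls: ["net.ipv4.ip_forward"]
      # in the KubeletConfiguration of every node that may run this pod.
      # securityContext:
      #   sysctls:
      #     - name: net.ipv4.ip_forward
      #       value: "1"
      containers:
        - name: openvpn
          image: kylemanna/openvpn
          securityContext:
            capabilities:
              add: ["NET_ADMIN"]   # tun device and routes; /proc/sys stays read-only
          ports:
            - containerPort: 1194
              protocol: UDP
```

Option A confines the privileged grant to a short-lived init container, while option B avoids a privileged container entirely at the cost of a per-node kubelet setting.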
Using the community edition of the OpenVPN client I can connect to the VPN and all looks well, but it doesn't do anything. I thought maybe I needed to enable ip_forwarding. It's enabled on all my worker nodes deployed using kubeadm. However, when I try to enable it I get "read-only file system". I thought the NET_ADMIN that you set should have done the trick, but it doesn't seem to.
Testing by trying to access google.com and attempting to nslookup using server '8.8.8.8'.
I've used ssh connected to localhost:2222 and configured it to set up a dynamic socks5 proxy on localhost:9999.
Snippet from client config:
values.yaml