'source nat traffic through calico
i have a bunch of kubernetes worker nodes in RFC1918, so they do not have direct internet access. in most cases, i just set the application to use HTTP_PROXY env's in the containers to bounce outgoing (http) traffic through a set of squid servers.
however, i have a need to get non-http traffic out of the cluster (to the internet); database and ssh connections for example. whilst i am aware i can setup tunnels etc, i want a more generic solution.
in my kubernetes cluster, i already have a few nodes in a non-RFC1918 address range, so any pods on these nodes can reach the internet (it coincidentally is where my squid proxies reside). as they are part of the same kubernetes cluster, they share the same calico overlay network with the non-routable nodes.
i notice https://projectcalico.docs.tigera.io/networking/workloads-outside-cluster: however, it doesn't go into much detail. is there a way i can use this (or any other calico way) to route all "internet" traffic from all pods on the RFC1918 worker nodes through the non-RFC1918 nodes in our cluster?
Solution 1:[1]
What type of data do you need to share?. If it is something like dictionary, you can use Redis. https://github.com/redis/redis-py
You will need redis server installed and running.
process one:
import redis
r = redis.Redis(host='localhost', port=6379, db=0)
r.set('foo', 'bar')
process 2:
import redis
r = redis.Redis(host='localhost', port=6379, db=0)
r.get('foo')
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jirka Vopelka |