'Why my Kubernetes pod network traffic does not go through the iptables NAT table?
I need to write a iptables rule in the K8s pod to SNAT packets based on some conditions but the network traffic never go through NAT table
Solution 1:[1]
Why my Kubernetes pod network traffic does not go through the iptables NAT table?
Ans :
Because Kubernetes Dictates so to all CNI. Following is from Kubernetes Documentation
Kubernetes imposes the following fundamental requirements on any networking
implementation (barring any intentional network segmentation policies):
- pods on a node can communicate with all pods on all nodes without NAT
- agents on a node (e.g. system daemons, kubelet) can communicate with all pods on
that node.
Note: For those platforms that support Pods running in the host network
(e.g. Linux):
- pods in the host network of a node can communicate with all pods on all nodes
without NAT
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | confused genius |