如何关闭绒布中的IP Masquerade [英] How to turn off IP Masquerade in flannel

问题描述

在Kubernetes集群中，我无法从Containers连接到Internet.因此，在搜索之后，我找到了一种可能的解决方案，即关闭"IP Masquerade".但是我没有运气将其关闭.无论我做什么，我都无法禁用它.

In my Kubernetes cluster I couldn't connect to the internet from my Containers. So after searching, I found a possible solution, that is to turn off "IP Masquerade". But I had no luck turning this off. Whatever I did I cannot get it disabled.

首先，我更改以下内容，

First I change the following,

/etc/kubernetes/cni/docker_opts_cni.env

DOCKER_OPT_BIP=""
DOCKER_OPT_IPMASQ="false"

然后尝试

/etc/kubernetes/cni/docker_opts_cni.env

DOCKER_OPT_BIP=""
DOCKER_OPT_IPMASQ="--ip-masq=false"

我正在使用最新的Kubernetes版本(v 1.6.3)，并且已经遵循

I'm using the latest Kubernetes version(v 1.6.3) and I have followed this to configure my cluster. I'm using flannel without calico. Can someone guide me on how I can get this disabled? Thanks in advance/

推荐答案

这是使用cni为docker创建新的法兰绒网络的示例配置.

This is an example configuration for creating new flannel network using cni for docker.

/etc/kubernetes/cni/net.d/10-flannel.conf

{
    "cniVersion": "0.2.0",
    "name": "mybridge",
    "type": "bridge",
    "bridge": "cni_bridge1",
    "isGateway": true,
    "ipMasq": true,
    "ipam": {
        "type": "host-local",
        "subnet": "10.15.30.0/24",
        "routes": [
            { "dst": "0.0.0.0/0" },
            { "dst": "1.1.1.1/32", "gw":"10.15.30.1"}
        ],
        "rangeStart": "10.15.30.100",
        "rangeEnd": "10.15.30.200",
        "gateway": "10.15.30.99"
    }
}

在您的配置文件中，将true的ipMasq值更改为false或添加选项(如果不存在)应关闭"IP Masquerade"

In your configuration file changing ipMasq value for true to false or adding the option if not present should turn off "IP Masquerade"

这篇关于如何关闭绒布中的IP Masquerade的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！