Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable the ip-masq-agent on GCE installs #46473

Merged
merged 1 commit into from
May 26, 2017
Merged

Enable the ip-masq-agent on GCE installs #46473

merged 1 commit into from
May 26, 2017

Conversation

thockin
Copy link
Member

@thockin thockin commented May 25, 2017
edited
Loading

Setting this will trigger cluster/addons/ip-masq-agent/ip-masq-agent.yaml to be installed as an addon, which disable configure IP masquerade for all of RFC1918, rather
than just 10.0/8.

Because the flag defaulted to 10.0/8 we can't just change the default. I think anyone who needs IP masquerade set up should probably use this instead.

@justinsb @kubernetes/sig-cluster-lifecycle-misc

Fixes #11204

@dnardo - any reason not to do this?

Release Note:


GCE installs will now avoid IP masquerade for all RFC-1918 IP blocks, rather than just 10.0.0.0/8.  This means that clusters can
be created in 192.168.0.0./16 and 172.16.0.0/12 while preserving the container IPs (which would be lost before).

@k8s-ci-robot k8s-ci-robot added sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 25, 2017
@k8s-github-robot k8s-github-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. release-note-label-needed labels May 25, 2017
@thockin
Enable the ip-masq-agent on GCE installs
91ed74c 
Setting this will trigger
cluster/addons/ip-masq-agent/ip-masq-agent.yaml to be installed as an
addon, which disable configure IP masquerade for all of RFC1918, rather
than just 10.0/8.
@thockin thockin force-pushed the enable-masq-agent-gce branch from cd04ec1 to 91ed74c Compare May 26, 2017 00:07
@dnardo
Copy link
Contributor

dnardo commented May 26, 2017

I don't see any reason not to. I had considered adding it but wasn't sure if we wanted to extend to GCE as well.

@thockin thockin assigned dnardo and justinsb and unassigned gmarek and jszczepkowski May 26, 2017
@thockin thockin added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-label-needed labels May 26, 2017
@dnardo
Copy link
Contributor

dnardo commented May 26, 2017

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 26, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dnardo, thockin

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot
Copy link

Automatic merge from submit-queue (batch tested with PRs 46501, 45944, 46473)

@k8s-github-robot k8s-github-robot merged commit 5ade944 into kubernetes:master May 26, 2017
This was referenced Jun 20, 2017
Merged
Merged
k8s-github-robot pushed a commit that referenced this pull request Jun 21, 2017
Merge pull request #47794 from dnardo/ip-masq-agent
afa7808 
Automatic merge from submit-queue

Add ip-masq-agent readiness label by default.  

Since we are setting the non-masq-cidr in the kubelet to 0.0.0.0/0 we
need to ensure the ip-masq-agent runs.

pr/#46473 made the NON_MASQUERADE_CIDR default to 0.0.0.0/0 which means we need to have this label set now.



**What this PR does / why we need it**:

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes #47752
**Special notes for your reviewer**:

**Release note**:

```release-note
ip-masq-agent is now the default for GCE
```
@thockin thockin deleted the enable-masq-agent-gce branch August 14, 2019 17:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@justinsb justinsb

@dnardo dnardo

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@thockin @dnardo @k8s-github-robot @justinsb @gmarek @jszczepkowski @k8s-ci-robot