here are my setup details for the k8s cluster:
Nginx running as UDP proxy
nginx.conf: |
user root;
worker_processes 1;
events {
worker_connections 10240;
}
http {
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html; #Change this line
index index.html index.htm;
}
}
}
stream {
server {
listen *4729 udp;*
proxy_pass j_close_stream_backend;
proxy_responses 0;
error_log stderr;
proxy_bind $remote_addr:$remote_port transparent;
}
upstream juniper_close_stream_backend {
server* 10.244.72.169:4729 <http://10.244.72.169:4729>*;
}
}
---------------------------------------------------
nginx-> client service(*10.244.72.169:4729 <http://10.244.72.169:4729>*)
*Nginx running as Kubernetes Daemonset as follows:*
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-daemonset
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: nginx:1.14.2
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 80
protocol: TCP
resources: {}
here nginx works fine and is able to preserve source IP and also forward
spoofed IP. however client service is not able to receive any traffic.
I believe there is some issue with iptables but don't know how to trace
this issue.
Your help is much appreciated.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
