K
Q

What does kube-proxy `--masquerade-all=true` mean?

4/7/2017

The kube-proxy admin page says:

--masquerade-all       If using the pure iptables proxy, SNAT everything

But it does explain in detail.

  • When should I set --masquerade-all to true?
  • And what problem it solves?
  • What could happen if it set --masquerade-all=false? What is the difference compared to --masqurade-all=true?
-- cizixs
kube-proxy
kubernetes

Similar Questions

Kubernetes/Spring Cloud Dataflow stream > spring.cloud.stream.bindings.output.destination is ignored by producer
How to get reponse time and number of requests of pods or services in Kubernetes?
How to run a Kubernetes job exactly once
Kubernetes 1.6 on Google Cloud?

1 Answer

4/7/2017

If you enable this and route the service IP range to your nodes then it will be possible to reach the service IPs from outside of the cluster.

The discussion is in Issue #24224 and it's implemented in PR 24429.

-- Janos Lenart
Source: StackOverflow