Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/detiber/cni-kind-no-snat-interface

Last synced: 7 days ago
JSON representation

Host: GitHub
URL: https://github.com/detiber/cni-kind-no-snat-interface
Owner: detiber
Created: 2020-09-15T00:43:53.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2020-09-15T02:32:10.000Z (over 4 years ago)
Last Synced: 2024-11-07T20:54:56.669Z (about 2 months ago)
Language: Go
Size: 13.7 KB
Stars: 1
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # kind-no-snat-interface plugin

## Overview

This plugin creates firewall rules to bypass kindnet snat to allow for container interfaces.

It does not create any network interfaces and therefore does not set up connectivity by itself.

It is intended to be used as a chained plugins.

## Operation

The following network configuration file

```json

{

    "cniVersion": "0.3.1",

    "name": "bridge-firewalld",

    "plugins": [

      {

        "type": "bridge",

        "bridge": "cni0",

      },

      {

        "type": "kind-no-snat-interface"

      }

    ]

}

```

will allow any interfaces configured by bypass kindnet masquerading.

A successful result would simply be an empty result, unless a previous plugin passed a previous result, in which case this plugin will return that previous result.

The above example will create two new iptables chains in the `filter` table and add rules that allow the given interface to send/receive traffic.