ubuntu@microk8s70:~$ sudo iptables -t nat -L PREROUTING
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
cali-PREROUTING all -- anywhere anywhere /* cali:6gwbT8clXdHdC1b1 */
KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
ubuntu@microk8s70:~$ sudo iptables -t nat -L KUBE-SERVICES
Chain KUBE-SERVICES (2 references)
target prot opt source destination
KUBE-SVC-WV6VKHDJQKB2TQC4 tcp -- anywhere 10.152.183.159 /* container-registry/registry:registry cluster IP */ tcp dpt:5000
KUBE-SVC-TCOU7JCQXEZGVUNU udp -- anywhere 10.152.183.10 /* kube-system/kube-dns:dns cluster IP */ udp dpt:domain
KUBE-SVC-ERIFXISQEP7F7OF4 tcp -- anywhere 10.152.183.10 /* kube-system/kube-dns:dns-tcp cluster IP */ tcp dpt:domain
KUBE-SVC-JD5MR3NA4I4DYORP tcp -- anywhere 10.152.183.10 /* kube-system/kube-dns:metrics cluster IP */ tcp dpt:9153
KUBE-SVC-IQGXNJVVP26VHMIN tcp -- anywhere 10.152.183.23 /* default/nginx-service:name-of-service-port cluster IP */ tcp dpt:http-alt
KUBE-SVC-NPX46M4PTMTKRN6Y tcp -- anywhere 10.152.183.1 /* default/kubernetes:https cluster IP */ tcp dpt:https
KUBE-NODEPORTS all -- anywhere anywhere /* kubernetes service nodeports; NOTE: this must be the last rule in this chain */ ADDRTYPE match dst-type LOCAL
ubuntu@microk8s70:~$ sudo iptables -t nat -L KUBE-SVC-IQGXNJVVP26VHMIN
Chain KUBE-SVC-IQGXNJVVP26VHMIN (1 references)
target prot opt source destination
KUBE-MARK-MASQ tcp -- !10.1.0.0/16 10.152.183.23 /* default/nginx-service:name-of-service-port cluster IP */ tcp dpt:http-alt
KUBE-SEP-CAK3XSESCB3K5VBO all -- anywhere anywhere /* default/nginx-service:name-of-service-port -> 10.1.131.5:8080 */ statistic mode random probability 0.50000000000
KUBE-SEP-M6K44XZSWZ6EUNHM all -- anywhere anywhere /* default/nginx-service:name-of-service-port -> 10.1.73.131:8080 */
ubuntu@microk8s70:~$ sudo iptables -t nat -L KUBE-SEP-CAK3XSESCB3K5VBO
Chain KUBE-SEP-CAK3XSESCB3K5VBO (1 references)
target prot opt source destination
KUBE-MARK-MASQ all -- 10.1.131.5 anywhere /* default/nginx-service:name-of-service-port */
DNAT tcp -- anywhere anywhere /* default/nginx-service:name-of-service-port */ tcp to:10.1.131.5:8080
Created
March 11, 2023 04:11
-
-
Save cloudqubes/180f6f4057be46dd5f9ac50442e1ba90 to your computer and use it in GitHub Desktop.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment