-> % svcs -n twistlock
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
twistlock-console ClusterIP 10.103.43.18 <none> 8084/TCP,8083/TCP,8081/TCP 18h
-> % k get ep -n twistlock
NAME ENDPOINTS AGE
twistlock-console 10.103.129.17:8081,10.103.129.17:8084,10.103.129.17:8083 18h
ubuntu@192:~$ ifconfig | grep addr:1
inet addr:10.103.129.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet addr:192.168.10.11 Bcast:192.168.10.255 Mask:255.255.255.0
inet addr:10.103.129.0 Bcast:0.0.0.0 Mask:255.255.255.255
inet addr:127.0.0.1 Mask:255.0.0.0
ubuntu@192:~$ sudo iptables -t nat -L KUBE-SERVICES | grep 10.103.43.18
KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:communication-port cluster IP */ tcp dpt:8084
KUBE-SVC-NUGF3LQ6TFSOZ2XU tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:communication-port cluster IP */ tcp dpt:8084
KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:mgmt-http cluster IP */ tcp dpt:tproxy
KUBE-SVC-6WZ66WA6PLOSG2HF tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:mgmt-http cluster IP */ tcp dpt:tproxy
KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083
KUBE-SVC-DWPXVHDV3KJE54QM tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083
ubuntu@192:~$ ifconfig
flannel.1 Link encap:Ethernet HWaddr 9e:2e:c9:d9:4e:4b
inet addr:10.103.129.0 Bcast:0.0.0.0 Mask:255.255.255.255
inet6 addr: fe80::9c2e:c9ff:fed9:4e4b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1400 Metric:1
RX packets:1010384 errors:0 dropped:0 overruns:0 frame:0
TX packets:1048654 errors:0 dropped:8 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:95945634 (95.9 MB) TX bytes:130650389 (130.6 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:643266 errors:0 dropped:0 overruns:0 frame:0
TX packets:643266 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:544466873 (544.4 MB) TX bytes:544466873 (544.4 MB)
ubuntu@192:~$ sudo iptables-save | grep 10.103.129.17
-A KUBE-SEP-7RPMXMBGWMXFV533 -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-MARK-MASQ
-A KUBE-SEP-7RPMXMBGWMXFV533 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http" -m tcp -j DNAT --to-destination 10.103.129.17:8081
-A KUBE-SEP-LLDOQJDOFC7PPC2H -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:management-port-https" -j KUBE-MARK-MASQ
-A KUBE-SEP-LLDOQJDOFC7PPC2H -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https" -m tcp -j DNAT --to-destination 10.103.129.17:8083
-A KUBE-SEP-Q4X76AYPHTL5KJFE -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:communication-port" -j KUBE-MARK-MASQ
-A KUBE-SEP-Q4X76AYPHTL5KJFE -p tcp -m comment --comment "twistlock/twistlock-console:communication-port" -m tcp -j DNAT --to-destination 10.103.129.17:8084
ubuntu@192:~$ sudo iptables-save | grep 10.103.43.18
-A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:communication-port cluster IP" -m tcp --dport 8084 -j KUBE-MARK-MASQ
-A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:communication-port cluster IP" -m tcp --dport 8084 -j KUBE-SVC-NUGF3LQ6TFSOZ2XU
-A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http cluster IP" -m tcp --dport 8081 -j KUBE-MARK-MASQ
-A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http cluster IP" -m tcp --dport 8081 -j KUBE-SVC-6WZ66WA6PLOSG2HF
-A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-MARK-MASQ
-A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-SVC-DWPXVHDV3KJE54QM
ubuntu@192:~$ sudo iptables-save | grep KUBE-SEP-7RPMXMBGWMXFV533
:KUBE-SEP-7RPMXMBGWMXFV533 - [0:0]
-A KUBE-SEP-7RPMXMBGWMXFV533 -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-MARK-MASQ
-A KUBE-SEP-7RPMXMBGWMXFV533 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http" -m tcp -j DNAT --to-destination 10.103.129.17:8081
-A KUBE-SVC-6WZ66WA6PLOSG2HF -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-SEP-7RPMXMBGWMXFV533
-A KUBE-SVC-6WZ66WA6PLOSG2HF -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-SEP-7RPMXMBGWMXFV533