I'd like to propose moving mtaufen/non-masquerade-daemon under the kubernetes-incubator/ org. As this is a network configuration daemon, I believe this effort belongs under sig-network.
The OWNERS file in the above repo should serve as the OWNERS file for this proposal. The README in the above repo provides more details, but I'll summarize here:
This daemon solves the problem of configuring the CIDR ranges for non-masquerade in a cluster (via iptables rules). Today, this is accomplished by passing a --non-masquerade-cidr
flag to the Kubelet, which only allows one CIDR to be configured as non-masquerade. RFC 1918, however, defines three ranges (10/8
, 172.16/12
, 192.168/16
) for the private IP address space.
Some users will want to communicate between these ranges without masquerade - for instance, if an organization's existing network uses the 10/8
range, they may wish to run their cluster and Pod
s in `192.