Last active
March 28, 2019 12:30
-
-
Save ipedrazas/c93f255a17785a7eb7f2fd83af4c21a9 to your computer and use it in GitHub Desktop.
Revisions
-
ipedrazas revised this gist
Mar 1, 2019 . 1 changed file with 12 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -67,4 +67,16 @@ ubuntu@192:~$ sudo iptables-save | grep 10.103.43.18 -A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http cluster IP" -m tcp --dport 8081 -j KUBE-SVC-6WZ66WA6PLOSG2HF -A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-MARK-MASQ -A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-SVC-DWPXVHDV3KJE54QM ``` ubuntu@192:~$ sudo iptables-save | grep KUBE-SEP-7RPMXMBGWMXFV533 ``` :KUBE-SEP-7RPMXMBGWMXFV533 - [0:0] -A KUBE-SEP-7RPMXMBGWMXFV533 -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-MARK-MASQ -A KUBE-SEP-7RPMXMBGWMXFV533 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http" -m tcp -j DNAT --to-destination 10.103.129.17:8081 -A KUBE-SVC-6WZ66WA6PLOSG2HF -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-SEP-7RPMXMBGWMXFV533 ``` ``` -A KUBE-SVC-6WZ66WA6PLOSG2HF -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-SEP-7RPMXMBGWMXFV533 ``` -
Mar 1, 2019 . 1 changed file with 20 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -47,4 +47,24 @@ lo Link encap:Local Loopback TX packets:643266 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:544466873 (544.4 MB) TX bytes:544466873 (544.4 MB) ``` ubuntu@192:~$ sudo iptables-save | grep 10.103.129.17 ``` -A KUBE-SEP-7RPMXMBGWMXFV533 -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:mgmt-http" -j KUBE-MARK-MASQ -A KUBE-SEP-7RPMXMBGWMXFV533 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http" -m tcp -j DNAT --to-destination 10.103.129.17:8081 -A KUBE-SEP-LLDOQJDOFC7PPC2H -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:management-port-https" -j KUBE-MARK-MASQ -A KUBE-SEP-LLDOQJDOFC7PPC2H -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https" -m tcp -j DNAT --to-destination 10.103.129.17:8083 -A KUBE-SEP-Q4X76AYPHTL5KJFE -s 10.103.129.17/32 -m comment --comment "twistlock/twistlock-console:communication-port" -j KUBE-MARK-MASQ -A KUBE-SEP-Q4X76AYPHTL5KJFE -p tcp -m comment --comment "twistlock/twistlock-console:communication-port" -m tcp -j DNAT --to-destination 10.103.129.17:8084 ``` ubuntu@192:~$ sudo iptables-save | grep 10.103.43.18 ``` -A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:communication-port cluster IP" -m tcp --dport 8084 -j KUBE-MARK-MASQ -A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:communication-port cluster IP" -m tcp --dport 8084 -j KUBE-SVC-NUGF3LQ6TFSOZ2XU -A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http cluster IP" -m tcp --dport 8081 -j KUBE-MARK-MASQ -A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:mgmt-http cluster IP" -m tcp --dport 8081 -j KUBE-SVC-6WZ66WA6PLOSG2HF -A KUBE-SERVICES ! -s 10.103.128.0/17 -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-MARK-MASQ -A KUBE-SERVICES -d 10.103.43.18/32 -p tcp -m comment --comment "twistlock/twistlock-console:management-port-https cluster IP" -m tcp --dport 8083 -j KUBE-SVC-DWPXVHDV3KJE54QM ``` -
Mar 1, 2019 . 1 changed file with 21 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -26,4 +26,25 @@ KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/ KUBE-SVC-6WZ66WA6PLOSG2HF tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:mgmt-http cluster IP */ tcp dpt:tproxy KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083 KUBE-SVC-DWPXVHDV3KJE54QM tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083 ``` ubuntu@192:~$ ifconfig ``` flannel.1 Link encap:Ethernet HWaddr 9e:2e:c9:d9:4e:4b inet addr:10.103.129.0 Bcast:0.0.0.0 Mask:255.255.255.255 inet6 addr: fe80::9c2e:c9ff:fed9:4e4b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1400 Metric:1 RX packets:1010384 errors:0 dropped:0 overruns:0 frame:0 TX packets:1048654 errors:0 dropped:8 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:95945634 (95.9 MB) TX bytes:130650389 (130.6 MB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:643266 errors:0 dropped:0 overruns:0 frame:0 TX packets:643266 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:544466873 (544.4 MB) TX bytes:544466873 (544.4 MB) ``` -
Mar 1, 2019 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Mar 1, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,29 @@ -> % svcs -n twistlock ``` NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE twistlock-console ClusterIP 10.103.43.18 <none> 8084/TCP,8083/TCP,8081/TCP 18h ``` -> % k get ep -n twistlock ``` NAME ENDPOINTS AGE twistlock-console 10.103.129.17:8081,10.103.129.17:8084,10.103.129.17:8083 18h ``` ubuntu@192:~$ ifconfig | grep addr:1 ``` inet addr:10.103.129.1 Bcast:0.0.0.0 Mask:255.255.255.0 inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0 inet addr:192.168.10.11 Bcast:192.168.10.255 Mask:255.255.255.0 inet addr:10.103.129.0 Bcast:0.0.0.0 Mask:255.255.255.255 inet addr:127.0.0.1 Mask:255.0.0.0 ``` ubuntu@192:~$ sudo iptables -t nat -L KUBE-SERVICES | grep 10.103.43.18 ``` KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:communication-port cluster IP */ tcp dpt:8084 KUBE-SVC-NUGF3LQ6TFSOZ2XU tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:communication-port cluster IP */ tcp dpt:8084 KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:mgmt-http cluster IP */ tcp dpt:tproxy KUBE-SVC-6WZ66WA6PLOSG2HF tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:mgmt-http cluster IP */ tcp dpt:tproxy KUBE-MARK-MASQ tcp -- !10.103.128.0/17 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083 KUBE-SVC-DWPXVHDV3KJE54QM tcp -- anywhere 10.103.43.18 /* twistlock/twistlock-console:management-port-https cluster IP */ tcp dpt:8083 ```