Re: [kubernetes-users] kube-proxy creating iptable rule for wrong interface

Hi Mike, > service tokens can't come through to nodes because kubelet tries to talk to > the api server through the api's "advertised ip address", which defaults to > the default route, which is shunted. This seems wrong. Kubelet has a master address that is *NOT* dependent on Services. If

Re: [kubernetes-users] kube-proxy creating iptable rule for wrong interface

This behavior puzzles me. API service is definitely a unique service, but this issue can be tough debug, and causes a problem if some traffic needs to be sent through a security device for monitoring. Let me explain: - Assume there is no direct API connectivity between worker nodes and

Re: [kubernetes-users] kube-proxy creating iptable rule for wrong interface

On Wednesday, May 31, 2017 at 11:04:38 AM UTC-5, Tim Hockin wrote: > This being the kubernetes Service, the value is coming from Endpoints, > which is being written by your apiserver. By default, it chooses the > interface with a default route. If that is wrong, look at the >

Re: [kubernetes-users] kube-proxy creating iptable rule for wrong interface

This being the kubernetes Service, the value is coming from Endpoints, which is being written by your apiserver. By default, it chooses the interface with a default route. If that is wrong, look at the `--advertise-address` flag. On Wed, May 31, 2017 at 8:33 AM, wrote: >

[kubernetes-users] kube-proxy creating iptable rule for wrong interface

Kubernetes version: 1.6.3 I have following interfaces on my vagrant machine. enp0s3Link encap:Ethernet HWaddr 08:00:27:ee:32:98 inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 ... enp0s8Link encap:Ethernet HWaddr 08:00:27:88:a1:e8 inet