Skip to content

Commit

Permalink
Cilium masquerading (#1653)
Browse files Browse the repository at this point in the history
* Disable masquerading when cilium is in ENI mode.

* Disable masquerading when cilium is in ENI mode.

* Disable masquerading when cilium is in ENI mode.
  • Loading branch information
whites11 authored Oct 9, 2023
1 parent 999ca3c commit 82d99bb
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 4 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Changed

- Disable masquerading when cilium is in ENI mode.

## [5.8.0-patch1] - 2023-09-26

### Added
Expand Down
5 changes: 1 addition & 4 deletions service/controller/resource/clusterconfigmap/desired.go
Original file line number Diff line number Diff line change
Expand Up @@ -233,9 +233,6 @@ func (r *Resource) GetDesiredState(ctx context.Context, obj interface{}) ([]*cor
"mode": "eni",
}

// there is autodiscoverability on the VPC CIDrs
ciliumValues["ipv4NativeRoutingCIDR"] = podCIDR

// https://docs.cilium.io/en/v1.13/network/concepts/routing/#id5
ciliumValues["endpointRoutes"] = map[string]interface{}{
"enabled": true,
Expand All @@ -247,7 +244,7 @@ func (r *Resource) GetDesiredState(ctx context.Context, obj interface{}) ([]*cor
},
}

ciliumValues["egressMasqueradeInterfaces"] = "eth+"
ciliumValues["enableIPv4Masquerade"] = false
ciliumValues["tunnel"] = "disabled"
// Used by cilium to tag ENIs it creates and be able to filter and clean them up.
ciliumValues["cluster"] = map[string]interface{}{
Expand Down

0 comments on commit 82d99bb

Please sign in to comment.