Unable to redirect the traffic in my k8s cluster

[kahou82]

I am following the installation but I am not able to route the pod traffic from my VM (VM 1) to another gateway VM (VM 2). I am using Calico CNI and there is only 1 master node (VM 2) and 1 worker node (VM1).

I have a clusterIP service, the actual pod is living in VM1 and it wants that service traffic route to the VM2 as gateway. VM1 and VM2 are in the same k8s cluster.

There are two problems I observed:

1. The additional route in kube-egress-static-ip table is never used. I have to add the exact same route in the default routing table so make the traffic route to the gateway VM.

2. (After I manually fixed #1) When the pod traffic leave the VM1, calico uses the node IP address. But the ipset that you configure only include the pod IP only and therefore it doesn't hit to the SNAT rule that you configure and so the traffic never SNAT. If I manually add the node IP in the ipset, everything will work.

My question is that during your setup, how can you make the pod traffic use the pod IP when it is leave the VM?

Also, the custom routing table doesn't work for me. What is the intention to use the custom routing table?

[murali-reddy]

@kahou82 sorry for the late response. we are in middle of overhauling the project. You should expect a new release in 1-2 weeks. Right now I am testing with Flannel hostgw (which L3 solution like calico), will get a chance to test with Calico some time. Will revert back when done.

With out custom routing table we will run into issues with reverse-path filtering/martian packets.