diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml index 98ba2f06446dae5ea60ef71ad0c7d4007914ac4c..f9842f46ca5a09cb07bc8ba67c6f7d28f6efca67 100644 --- a/roles/kubernetes/node/defaults/main.yml +++ b/roles/kubernetes/node/defaults/main.yml @@ -6,8 +6,9 @@ kube_resolv_conf: "/etc/resolv.conf" kube_proxy_mode: iptables -# If using the pure iptables proxy, SNAT everything -kube_proxy_masquerade_all: true +# If using the pure iptables proxy, SNAT everything. Note that it breaks any +# policy engine. +kube_proxy_masquerade_all: false # Limits for kube components and nginx load balancer app kubelet_memory_limit: 512M