MngomaLab/cluster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0410dc39503638d8c95776cb63ba90587165d45a
cluster/k3s/ansible/apply-cluster-snat.bat
Khwezi Mngoma 0410dc3950 first commit
2026-02-22 16:43:17 +02:00

38 lines
1.2 KiB
Batchfile
Raw Blame History

@echo off
REM =========================================
REM apply-cluster-snat.bat
REM Enables hairpin NAT for Kubernetes pods -> HAProxy host
REM =========================================
REM ---- Step 1: Enable IP forwarding ----
echo Enabling IPv4 forwarding...
powershell -Command "Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters' -Name 'IPEnableRouter' -Value 1"
echo IP forwarding enabled. Please reboot for permanent effect.
REM ---- Step 2: Add UFW NAT rules ----
echo Applying NAT rules for pod -> HAProxy hairpin...
REM Ensure before.rules file exists
set ufw_rules_file=/etc/ufw/before.rules
REM Backup original rules
if exist "%ufw_rules_file%.bak" (
echo Backup already exists.
) else (
copy "%ufw_rules_file%" "%ufw_rules_file%.bak"
echo Backup created at %ufw_rules_file%.bak
)
REM Append NAT rules
echo *nat >> "%ufw_rules_file%"
echo :POSTROUTING ACCEPT [0:0] >> "%ufw_rules_file%"
echo -A POSTROUTING -s 10.42.0.0/16 -d 192.168.1.160 -j MASQUERADE >> "%ufw_rules_file%"
echo COMMIT >> "%ufw_rules_file%"
REM ---- Step 3: Reload UFW ----
echo Reloading UFW...
ufw disable
ufw enable
echo Hairpin NAT applied successfully.
pause
Reference in New Issue View Git Blame Copy Permalink