<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2634489&amp;fmt=gif">

Containers and Kubernetes, DevOps and SRE

How is ip-masq-agent DaemonSet created?

By Gary Turner | October 2, 2022

Hi all,

I've recently created several GKE clusters through some custom Terraform code. However, by default it looks like NAT-ing from the pod network is not enabled which is not desirable. So I found this article on how to enable it:

https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent#how_ipmasq_works

 

Which did the trick just fine. However, I can't seem to find a way to enable this during the cluster creation. I'd prefer not to have to add in the daemonset and configmap after the cluster is created. Is there any way to configure this as part of the cluster creation through Terraform? Also, this is a private cluster and I do not have access to the cluster through kubectl from where I'm running Terraform.

 

Thanks!

 

Best answer by garyturner3

Found the issue. The ip-masq agent daemonset is created only if I initially create the cluster with a network policy on and using the calico provider. If I switch to using those after the initial cluster creation then the daemonset won’t be created.


Recent Articles

Data Analytics

Generative AI: Are You Behind?!

Review the latest insights from the AI Readiness Report.
By Bruno Aziza
Industry Solutions

Make "Gen AI Work": Landscape, SLMs vs. LLMs, Cost & More...

Discover the 5 metrics you need to know in order to be an exceptional CEO and Operator.
By Bruno Aziza
Google Cloud Strategy

AI Cheat Sheet

AI is no more and no less the drive to create robots with human minds so they can do everything we do and more. Use this cheat sheet to help decode the space.
By Leah Zitter