Hi all,
I've recently created several GKE clusters through some custom Terraform code. However, by default it looks like NAT-ing from the pod network is not enabled which is not desirable. So I found this article on how to enable it:
https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent#how_ipmasq_works
Which did the trick just fine. However, I can't seem to find a way to enable this during the cluster creation. I'd prefer not to have to add in the daemonset and configmap after the cluster is created. Is there any way to configure this as part of the cluster creation through Terraform? Also, this is a private cluster and I do not have access to the cluster through kubectl from where I'm running Terraform.
Thanks!
Best answer by garyturner3
Found the issue. The ip-masq agent daemonset is created only if I initially create the cluster with a network policy on and using the calico provider. If I switch to using those after the initial cluster creation then the daemonset won’t be created.