The kube-proxy module

You are viewing the documentation for an unreleased version of Deckhouse. You may choose the appropriate release channel from the versions menu or go to the latest stable Deckhouse version.

The module deletes the entire kubeadm kube-proxy set (DaemonSet, ConfigMap, RBAC) and installs its own.

For security reasons, for NodePort services, connections are only allowed to the nodes’ InternalIP by default. You can lift this restriction using the node.deckhouse.io/nodeport-bind-internal-ip: "false" annotation.

Here is an example of a NodeGroup annotation:

apiVersion: deckhouse.io/v1
kind: NodeGroup
metadata:
  name: myng
spec:
  nodeTemplate:
    annotations:
      node.deckhouse.io/nodeport-bind-internal-ip: "false"
...

Note! Following the addition, deletion, or changing the annotation, you have to restart kube-proxy Pods manually.

Note! The kube-proxy module is automatically disabled when the cni-cilium module is enabled.

The kube-proxy module

Request trial access

Thank you

Error

Request callback

Thank you

Something went wrong

Book your sessions

Thank you

Error

Request demo

Thank you

Error

Get the PCI SSC Compliance Report

Thank you

Error