1 files changed, 19 insertions, 0 deletions

diff --git a/roles/kubernetes/standalone/base/templates/kube-standalone-local-services.sh.j2 b/roles/kubernetes/standalone/base/templates/kube-standalone-local-services.sh.j2
new file mode 100644
index 00000000..d29e6a34
--- /dev/null
+++ b/roles/kubernetes/standalone/base/templates/kube-standalone-local-services.sh.j2
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+iptables -t nat -N kube-local-services > /dev/null 2>&1
+iptables -t nat -F kube-local-services
+
+{% if kubernetes_standalone_local_services_tcp | length > 0 %}
+iptables -t nat -A kube-local-services -p tcp --match multiport --dports {{ kubernetes_standalone_local_services_tcp | join(',') }} -i kube-bridge -d {{ kubernetes_standalone_pod_cidr | ipaddr('1') | ipaddr('address') }} -j DNAT --to-destination 127.0.0.1
+{% endif %}
+{% if kubernetes_standalone_local_services_udp | length > 0 %}
+iptables -t nat -A kube-local-services -p udp --match multiport --dports {{ kubernetes_standalone_local_services_udp | join(',') }} -i kube-bridge -d {{ kubernetes_standalone_pod_cidr | ipaddr('1') | ipaddr('address') }} -j DNAT --to-destination 127.0.0.1
+{% endif %}
+
+iptables -t nat -C PREROUTING -j kube-local-services > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+  iptables -t nat -I PREROUTING 1 -j kube-local-services
+fi
+echo 1 > /proc/sys/net/ipv4/conf/kube-bridge/route_localnet
+
+exit 0