#!/bin/bash iptables -t nat -N kube-local-services > /dev/null 2>&1 iptables -t nat -F kube-local-services {% if kubernetes_standalone_local_services_tcp | length > 0 %} iptables -t nat -A kube-local-services -p tcp --match multiport --dports {{ kubernetes_standalone_local_services_tcp | join(',') }} -i kube-bridge -s {{ kubernetes_standalone_pod_cidr }} -d {{ kubernetes_standalone_pod_cidr | ansible.utils.ipaddr('1') | ansible.utils.ipaddr('address') }} -j DNAT --to-destination 127.0.0.1 {% endif %} {% if kubernetes_standalone_local_services_udp | length > 0 %} iptables -t nat -A kube-local-services -p udp --match multiport --dports {{ kubernetes_standalone_local_services_udp | join(',') }} -i kube-bridge -s {{ kubernetes_standalone_pod_cidr }} -d {{ kubernetes_standalone_pod_cidr | ansible.utils.ipaddr('1') | ansible.utils.ipaddr('address') }} -j DNAT --to-destination 127.0.0.1 {% endif %} iptables -t nat -C PREROUTING -j kube-local-services > /dev/null 2>&1 if [ $? -ne 0 ]; then iptables -t nat -I PREROUTING 1 -j kube-local-services fi ip link add name kube-bridge type bridge > /dev/null 2>&1 echo 1 > /proc/sys/net/ipv4/conf/kube-bridge/route_localnet exit 0