K8s version: 1.29
Aws CNI 1.18.1
Expected behavior
Outgoing port is the same as the selected by the application
Actual behavior
Docker seems to select a random source port ignoring the network-host setting.
Additional Information
Steps to reproduce the behavior
Install kamailio
Receive an INVITE on one port and forward it on a different port.
The actual port going out is NOT the one selected by the application.
The pod is running in hostNetwork: true mod:
containers:
image: myimage imagePullPolicy: Always
name: sip-proxy
resources: {}
securityContext:
privileged: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-84tdr
readOnly: true
dnsPolicy: ClusterFirstWithHostNet
enableServiceLinks: true
hostNetwork: true
imagePullSecrets:
name: regcred nodeName: ip-10-1-2-36.ec2.internal
nodeSelector:
application: proxy
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
I’m positive is selecting the socket properly, is there any setting in the network/container side regarding using random on outbound? BTW the image does NOT exposes the 5160 port, but i understand that doesn’t matter if i’m running it in hostNetwork mode?
Thanks again!