Kubernetes version: 1.16.3
Cloud being used: (put bare-metal if not on a public cloud)
Installation method: kubespray
Host OS: ubuntu 16.04
CNI and version: calico v3.11.1
CRI and version: docker 19.03.8
I am trying to run kubernetes on a device. And the device have some security concerns. one of them is that i cannot enable packet forwarding on node (host machine).
I am run kubernetes 1.16.3 version with kube-proxy in IPVS mode. As soon as kube-proxy comes up the ipv4 forwarding is enabled.
cat /proc/sys/net/ipv4/ip_forward 1
I want to disable this behavior. I am stuck in this and not able to find where i can change to disable ip_forward being set by kube-proxy.
Also, /proc/sys/net/ipv4/ip_forward being set 1 is it a security concern ? Thanks