Very nice! I've done something similar for a #k8s cluster that needed #NAT64 translation for its containers. One thing I did have to add was filtering within the namespace, since Jool was unexpectedly translating RFC1918 addresses when using the well-known prefix.

It was unclear to me why Jool was doing that, but all was easily fixed with some reject rules for each of the rfc1918 address subnets.

Hledám infra experta do banky. Bez kódování, jen vrtání se v systémech.

#infrastructureascode #devops #automation
#cloud #k8s #terraform #ansible

Hybrid #job #Praha, 1x týdně on-site.
Technický pohovor online ihned.
*MD doplním.

Díky,
Honza