gke/Check Destination Ip

GKE is expected not to IP masquerade. If needed then it should be added on nonMasqueradeCIDRs.

Product: Google Kubernetes Engine
Step Type: AUTOMATED STEP

Description

This will confirm if pod IP is present on the list.

Uncertain Reason

When ip-masq-agent daemonset is deployed without a configmap, it uses the default non-masq destinations [1].

[1] https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent#creating_the_ip-masq-agent_configmap

Uncertain Remediation

Follow the steps for including the Destination IP CIDRs in nonMasqueradeCIDRs [1].

[1] https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent#edit-ip-masq-agent-configmap