kubernetes - Why iptables rule setup in initContainer `istio-init` works in application container?
问题描述
I am reading the doc of istio. It says:
istio-init This init container is used to setup the iptables rules so that inbound/outbound traffic will go through the sidecar proxy.
In my understanding, initContainer and application container are separated except that they share same network namespace. So why would iptables setup in initContainer still persist in application container?
解决方案
As I mentioned in the comments, Iptables rules are briefly described here.
There is also a Iptables Schematic:
推荐阅读
- java - 从 bash 脚本中逐个执行 Java Cucumber 功能文件,并在第一个完成后继续执行功能文件
- c# - Dynamics 365 Web API:没有 OData-EntityId 的 GetAsync 记录
- c# - 在 .NET core 2.0 中引用 .NET Framework 4 dll
- google-chrome-extension - Chrome 扩展 - 使用从后台发送的消息中的数据在弹出窗口中持久注入 HTML
- ios - Swift 框架 - 未找到 Objective-C 标头
- php - 如何将变量或记录转换为数组
- swift - Swift 4.2 字典无法按键找到值
- java - 如何从按模式拆分的字符串中获取最后一个标记
- css - 单击 li 元素后删除 :hover 类
- s4sdk - 如何在 VDM 中获取本地化字段的文本?