This is a [Help Needed] first, and maybe a [Doc Enhancement] later.
as we know, Neither native LVS nor keepalived will do SNAT(should be taken care by ourselves), but only DNAT.
With the steps in the doc, the vip:port is not accessable. Due to there's no SNAT.
Usually, we will have to set the default route to VIP from real-server(the pods in kube-keepalived-vip scenario) .
We use another tricky way to DNAT all in the node (iptables -t nat -I POSTROUTING -d 0.0.0.0/0 -j MASQUERADE) [ we are using IPVS NAT mode]
But handling SNAT seems not being mentioned in kube-keepalived-vip documents any where.
Did I miss anything?
if not , who is not familiar with LVS may suffer from question like why my vip:port is not achievable outside LVS node..