Merge pull request #10 from danhiris/main

fix google's UDP load balancers DSR implementation

Author: danhiris

main.tf

@@ -125,6 +125,10 @@ resource "google_compute_instance_template" "accesstier_template" {
     "modprobe nf_conntrack \n",
     "echo '65536' > /proc/sys/net/netfilter/nf_conntrack_buckets \n",
     "echo '262144' > /proc/sys/net/netfilter/nf_conntrack_max \n",
+    "# Setting up an iptables DNAT to fix google's UDP load balancers DSR implementation, which forward the traffic with an untranslated destination \n",
+    "mkdir /etc/iptables \n",
+    "iptables -t nat -I PREROUTING -p udp --dport 51820 -j DNAT --to-destination $(hostname -i) \n",
+    "iptables-save > /etc/iptables/rules.v4 \n",
     var.datadog_api_key != null ? "curl -L https://s3.amazonaws.com/dd-agent/scripts/install_script.sh | DD_AGENT_MAJOR_VERSION=7 DD_API_KEY=${var.datadog_api_key} DD_SITE=datadoghq.com bash -v \n" : "",
     "curl https://www.banyanops.com/onramp/deb-repo/banyan.key | apt-key add -\n",
     var.staging_repo != null ? "apt-add-repository \"deb https://www-stage.bnntest.com/onramp/deb-repo xenial main\" \n" : "apt-add-repository \"deb https://www.banyanops.com/onramp/deb-repo xenial main\" \n",