Traffic from Cloud VPS instances to the cloud-private networks should not be subjected to the general egress NAT.
Event Timeline
Change 998261 had a related patch set uploaded (by Majavah; author: Majavah):
[operations/puppet@production] P:wmcs: cloud_private_subnet: add route to private instance networks
Change 998261 merged by Majavah:
[operations/puppet@production] P:wmcs: cloud_private_subnet: add route to private instance networks
Change 998412 had a related patch set uploaded (by Majavah; author: Majavah):
[operations/puppet@production] P:wmcs::cloudgw: do not traffic to cloud-internal networks
Change 998412 merged by Majavah:
[operations/puppet@production] P:wmcs::cloudgw: do not NAT traffic to cloud-internal networks
Mentioned in SAL (#wikimedia-cloud) [2024-02-08T13:43:02Z] <taavi> deploy change to exclude cloud-private networks from general egress NAT https://phabricator.wikimedia.org/T356850
Change 999004 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):
[operations/puppet@production] Remove cloud_private_v4_set from cloudgw nftables definition
Change 999004 merged by Arturo Borrero Gonzalez:
[operations/puppet@production] Remove cloud_private_v4_set from cloudgw nftables definition