Is there any documentation for these options?
I remember having problems with hairpin NAT a while back I think due to my container registry being within the rancher environment.
Do I need to enable it?
I went with No for the hairpin option as part of the upgrade to 1.6.3. Unfortunately after upgrading all the infrastructure services, the load balances are failing with the following errors:
Rolling-Back (Expected state running but got stopped: Couldn't bring up network: netplugin failed but error parsing its diagnostic message "": unexpected end of JSON input)
Rolling-Back (Expected state running but got stopped: Timeout getting IP address)
Any ideas?
In fact it seems like the infrastructure services are doing the same thing.
Funny thing is that its only affecting 2 of the 3 rancher environments. One is completely fine.
Sorted by completely removing the hosts and adding them back one by one to each of the problematic environments.
+1 for this one
A little explanation for when Hairpin or promiscuous mode should be used (or not), what it is they are doing, their respective caveats, and such things would be great.