jbloggs777

It also makes for a waste of ink, for those judges and lawyers who are more comfortable with hard copies.

It would be interesting to see an FPS game with a "default cheat mode" that exposes all info about other players that it has by default. And then the devs work to minimize that... server-side occlusion, misdirection, reduced damage / bad aim when no direct line of sight, etc. Players can then learn to minimise their footprint despite the necessary leakage and how to take advantage of the info they get.

The Rancher or Kubernetes slack servers might be the best place to target your questions. It's more interactive, which would probably be more effective than posting Qs all over the Internet.

I'd argue that your average communist is moral and trustworthy right up until the moment they get any power, then they are just corrupt(able) politicians, ready and able to fuck over group A to benefit group B, who they happen to favor more this week (decisions must be made, after all!). No system is perfect, and definitely no individual.

Big picture view: The scales will tip every now and then, but it's ultimately survival of the fittest system that wins, with none existing in isolation - there are always external forces at play.

With that in mind, I'd put my money on more limited socialist-style-carve-outs like single payer healthcare in the US, more rent controls and housing subsidies, slightly better employee protections. Just enough to placate the masses, while the ruling class mostly continues as before. Even this will require a massive effort. Post-republicans, of course.

Great, finally they can include all the factual non-woke reporting about Donald Trump, Elon Musk and often underage hookers provided by the russian mafia and FSB, which mostly happened at Trump Tower as Trump's business empire was being rescued by russian money. Perhaps it can provide photos from the non-woke archives. It could even be turned into a series of children's stories to give them inspiration for their future careers of servitude and exploitation, which would be totally non-woke.

wg-quick takes a different approach, using an ip rule to send all traffic (except its own) to a different routing table with only the wireguard interface. I topped it up with iptables rules to block everything except DNS and the wireguard udp port on the main interface. I also disabled ipv6 on the main interface, to avoid any non-RFC1918 addresses appearing in the (in my case) container at all.

It might be a simple issue like ip forwarding not being enabled, or host-level iptables configuration, or perhaps weird and wonderful routing (eg. wireguard or other VPNs).

Your k3s/calico networking is likely screwed. Try creating a new cluster with flannel instead.

Sorry - I totally misread this. You cannot access internet addresses. So it's a routing or NAT issue, most likely.

I assume you are using k3d for this, btw?

So.. on the "server" (eg. docker exec -ti k3d-k3s-default-server-0 -- /bin/sh), you should be able to "ping 8.8.8.8" successfully.

If not, the issue may lie with your host's docker setup.

Do you have any NetworkPolicies configured that could block ingress (to kubedns, in kube-system) or egress (in your namespace) ? If any ingress or egress networkpolicy matches a pod, it flips from AllowByDefault to DenyByDefault.

You should also do kubectl get service and kubectl get endpoints in kube-system, as well as kubectl get pods | grep -i dns

Is the 404 page from Traefik or the backend service?

I'd be surprised if it's still kubedns.. the service name is still kubedns, but there will probably be CoreDNS pods behind it. To debug this, you should first ensure that you can resolve DNS by directly pointing to an external DNS server from a pod, and then from the node if that fails. eg. dig @1.1.1.1 google.com, or host google.com 1.1.1.1. It might be a routing/firewall/nat issue more than DNS, and this would help track that down.