mirror of https://github.com/kubernetes/kops.git
Allow node -> master on tcp 10255
This port serves the read-only kubelet api and is required by heapster
This commit is contained in:
parent
072c81e394
commit
01bcf416e2
|
@ -18,11 +18,12 @@ package model
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
"k8s.io/kops/pkg/apis/kops"
|
"k8s.io/kops/pkg/apis/kops"
|
||||||
"k8s.io/kops/upup/pkg/fi"
|
"k8s.io/kops/upup/pkg/fi"
|
||||||
"k8s.io/kops/upup/pkg/fi/cloudup/awstasks"
|
"k8s.io/kops/upup/pkg/fi/cloudup/awstasks"
|
||||||
"strconv"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type Protocol int
|
type Protocol int
|
||||||
|
@ -107,6 +108,9 @@ func (b *FirewallModelBuilder) applyNodeToMasterAllowSpecificPorts(c *fi.ModelBu
|
||||||
// allow cadvisor
|
// allow cadvisor
|
||||||
tcpPorts = append(tcpPorts, 4194)
|
tcpPorts = append(tcpPorts, 4194)
|
||||||
|
|
||||||
|
// kubelet read-only used by heapster
|
||||||
|
tcpPorts = append(tcpPorts, 10255)
|
||||||
|
|
||||||
if b.Cluster.Spec.Networking != nil {
|
if b.Cluster.Spec.Networking != nil {
|
||||||
if b.Cluster.Spec.Networking.Kopeio != nil {
|
if b.Cluster.Spec.Networking.Kopeio != nil {
|
||||||
// VXLAN over UDP
|
// VXLAN over UDP
|
||||||
|
|
Loading…
Reference in New Issue