NOTE: This repo is no longer being maintained or monitored. If you are facing any issues, you could either create an issue on the other respective repos (if any) or directly reach to us via civo.com
29
stars
2
forks
source link
nodes NotReady after removing default firewall rules #51
remove all other firewall rules except rule k8s, and default ICMP rule (named: 'Ping/traceroute')
restart worker nodes from GUI
Result - worker nodes become NotReady after some time:
$ kubectl --kubeconfig=civo-civo1-kubeconfig get node
NAME STATUS ROLES AGE VERSION
kube-node-ff61 NotReady <none> 33m v1.18.6+k3s1
kube-node-f6ae NotReady <none> 33m v1.18.6+k3s1
kube-master-98ea Ready master 34m v1.18.6+k3s1
I would like to restrict access to the cluster only to my IP.
civo firewall rule create FIREWALL_ID -c 'MY_PUBLIC_IP/32' -d ingress -s 6443 -e 6443 -p TCP -l k8s
Result - worker nodes become NotReady after some time:
I would like to restrict access to the cluster only to my IP.