Open rwsu opened 4 weeks ago
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please ask for approval from rwsu. For more information see the Kubernetes Code Review Process.
The full list of commands accepted by this bot can be found here.
22624 is the insecure port for the machine config server. Day 2 nodes should be communicating through the secure port 22623. By blocking the insecure port for extra worker nodes, we force them to use the secure port.
The filter isn't applied to master or worker nodes because they fetch their ignition through the secure port during initial installation.