What firewall inbound rules are need for kubectl exec?

I am having trouble with a firewall rule for k8s nodes. Ports 22, 80 and 443 are allowing in all traffic. Then an implicit deny for all other ports.

All outbound traffic is allowed.

Any idea what I seem to be missing?

1 Reply

The implicit denial for all other ports for inbound connections will interfere with the functionality of your cluster. Your Nodebalancer, as well as control plane services, communicate with your worker nodes on non-standard ports. We have a pretty detailed Community site post about securing your Kubernetes cluster which provides insight on what ports will need to be left open:



Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct