From 616d7e97d006cb0d054706dd0db5639497abee54 Mon Sep 17 00:00:00 2001 From: Rudolf Byker Date: Tue, 29 Aug 2023 09:17:22 +0200 Subject: [PATCH] Add firewall configuration to quick start documentation (#10357) --- docs/deploy/index.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/deploy/index.md b/docs/deploy/index.md index d719d4a57..df11d710c 100644 --- a/docs/deploy/index.md +++ b/docs/deploy/index.md @@ -80,6 +80,12 @@ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/cont Because of api deprecations, the default manifest may not work on your cluster. Specific manifests for supported Kubernetes versions are available within a sub-folder of each provider. +### Firewall configuration + +To check which ports are used by your installation of ingress-nginx, look at the output of `kubectl -n ingress-nginx get pod -o yaml`. In general, you need: +- Port 8443 open between all hosts on which the kubernetes nodes are running. This is used for the ingress-nginx [admission controller](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). +- Port 80 (for HTTP) and/or 443 (for HTTPS) open to the public on the kubernetes nodes to which the DNS of your apps are pointing. + ### Pre-flight check A few pods should start in the `ingress-nginx` namespace: