Rancher nodes:
Nodes running the rancher/rancher container

Rancher nodes - Inbound rules

| Protocol | Port | Source | Description |
|----------|------|--------|-------------|
| TCP | 80 | Load balancer/proxy that does external SSL termination | Rancher UI/API when external SSL termination is used |
| TCP | 443 | etcd nodes; controlplane nodes; worker nodes; Hosted/Imported Kubernetes; any that needs to be able to use UI/API | Rancher agent, Rancher UI/API, kubectl |

Rancher nodes - Outbound rules

| Protocol | Port | Destination | Description |
|----------|------|-------------|-------------|
| TCP | 22 | Any node IP from a node created using Node Driver | SSH provisioning of nodes using Node Driver |
| TCP | 443 | 35.160.43.145/32; 35.167.242.46/32; 52.33.59.17/32 | git.rancher.io (catalogs) |
| TCP | 2376 | Any node IP from a node created using Node Driver | Docker daemon TLS port used by Docker Machine |
| TCP | 6443 | Hosted/Imported Kubernetes API | Kubernetes apiserver |