Rancher Nodes (1) |
|
22 TCP |
|
git.rancher.io (2): 35.160.43.145:32 35.167.242.46:32 52.33.59.17:32 |
|
2376 TCP |
|
etcd Plane Nodes |
443 TCP (3) |
2379 TCP |
|
|
443 TCP |
|
2380 TCP |
|
|
|
|
6443 TCP |
|
|
8472 UDP |
|
9099 TCP (4) |
|
|
|
Control Plane Nodes |
443 TCP (3) |
2379 TCP |
|
|
443 TCP |
|
2380 TCP |
|
|
|
|
6443 TCP |
|
|
8472 UDP |
|
10250 TCP |
|
|
9099 TCP (4) |
|
|
|
10254 TCP (4) |
|
|
Worker Plane Nodes |
443 TCP (3) |
|
6443 TCP |
|
443 TCP |
|
8472 UDP |
|
|
|
9099 TCP (4) |
|
|
|
10254 TCP (4) |
|
External Load Balancer (5) |
80 TCP |
|
|
|
|
|
443 TCP (6) |
|
|
|
|
|
API / UI Clients |
80 TCP (3) |
|
|
|
80 TCP
|
|
443 TCP (3) |
|
|
|
443 TCP |
|
Workload Clients |
|
|
|
30000-32767 TCP / UDP (nodeport) |
|
|
|
|
80 TCP (Ingress) |
|
|
|
|
443 TCP (Ingress) |
|
|
Notes:
1. Nodes running standalone server or Rancher HA deployment. 2. Required to fetch Rancher chart library. 3. Only without external load balancer. 4. Local traffic to the node itself (not across nodes). 5. Load balancer / proxy that handles tragging to the Rancher UI / API. 6. Only if SSL is not terminated at external load balancer. |