OKE Missing Security List Ingress Rules
The install scripts perform a check, which attempts access through the ingress ports. If the check fails, then the install will exit and you will see error messages like this:
ERROR: Port 443 is NOT accessible on ingress(184.108.40.206)! Check that security lists include an ingress rule for the node port 31739.
On an OKE install, this may indicate that there is a missing ingress rule or rules. To verify and fix the issue, do the following:
- Get the ports for the
kubectl get services -A.
- Note the ports for the LoadBalancer type services. For example
- Check the security lists in the OCI Console.
- Go to Networking/Virtual Cloud Networks.
- Select the related VCN.
- Go to the Security Lists for the VCN.
- Select the security list named
- Check the ingress rules for the security list. There should be one rule for each of the destination ports named in the LoadBalancer services. In the above example, the destination ports are 31739. We would expect the ingress rule for 31739 to be missing because it was named in the
- If a rule is missing, then add it by clicking Add Ingress Rules and filling in the source CIDR and destination port range (missing port). Use the existing rules as a guide.
- Go to
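The comparison in the steps above can be scripted. The following is an added example, not part of the install scripts: it assumes the services were exported with `kubectl get services -A -o json` and the security list with `oci network security-list get`, and the embedded JSON samples, namespace and service names, and function names are constructed for illustration.

```python
import json

# Constructed sample, trimmed to the fields used, of `kubectl get services -A -o json`.
SERVICES = json.loads("""{"items": [
 {"metadata": {"namespace": "ingress-demo", "name": "controller"},
  "spec": {"type": "LoadBalancer", "ports": [
    {"port": 80, "nodePort": 30080, "protocol": "TCP"},
    {"port": 443, "nodePort": 31739, "protocol": "TCP"}]}},
 {"metadata": {"namespace": "default", "name": "kubernetes"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 443, "protocol": "TCP"}]}}]}""")

# Constructed sample of `oci network security-list get` output (assumed CLI JSON shape).
SECLIST = json.loads("""{"data": {"ingress-security-rules": [
 {"protocol": "6", "source": "10.0.0.0/16",
  "tcp-options": {"destination-port-range": {"min": 30080, "max": 30080}}},
 {"protocol": "1", "source": "0.0.0.0/0", "tcp-options": null}]}}""")

def lb_node_ports(services):
    """Yield (namespace/name, service port, node port) for each TCP LoadBalancer port."""
    for item in services.get("items", []):
        spec = item.get("spec", {})
        if spec.get("type") != "LoadBalancer":
            continue
        name = f'{item["metadata"]["namespace"]}/{item["metadata"]["name"]}'
        for p in spec.get("ports", []):
            if p.get("protocol", "TCP") == "TCP" and "nodePort" in p:
                yield name, p["port"], p["nodePort"]

def rule_allows(rule, port):
    """True if an ingress rule admits TCP traffic to `port` (source CIDR is not checked)."""
    if rule.get("protocol") not in ("6", "all"):  # "6" is TCP; ICMP/UDP rules never match
        return False
    rng = (rule.get("tcp-options") or {}).get("destination-port-range")
    if rng is None:  # TCP rule without a port range covers every port
        return True
    return rng["min"] <= port <= rng["max"]

def missing_ingress(services, seclist):
    """Return the LoadBalancer node ports that no ingress rule covers."""
    rules = seclist["data"].get("ingress-security-rules") or []
    return [(name, port, node_port)
            for name, port, node_port in lb_node_ports(services)
            if not any(rule_allows(r, node_port) for r in rules)]

if __name__ == "__main__":
    for name, port, node_port in missing_ingress(SERVICES, SECLIST):
        print(f"{name}: port {port} has no ingress rule for node port {node_port}")
```

The check ignores the source CIDR, so a port it reports as covered may still be unreachable from the load balancer subnet; when adding a rule, match the source of the existing rules rather than widening it.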