2.3.4.2 Multi-Master Firewall Rules

For a multi-master deployment, the following additional ports are required to be open in the firewall on the master node.

On the Kubernetes master nodes run:

$ sudo firewall-cmd --add-port=10251/tcp --permanent
$ sudo firewall-cmd --add-port=10252/tcp --permanent
$ sudo firewall-cmd --add-port=2379/tcp --permanent
$ sudo firewall-cmd --add-port=2380/tcp --permanent

Restart the firewall for these rules to take effect:

$ sudo systemctl restart firewalld