User Tools

Site Tools


projects:k8s:k8s_setup_with_k0s_k0sctl
Home | clubs :: cloud club :: python_club :: 3D-Printing | projects :: Proxmox | Kubernetes | scripting | utilities | games

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
projects:k8s:k8s_setup_with_k0s_k0sctl [2026/05/27 06:46] garfieldprojects:k8s:k8s_setup_with_k0s_k0sctl [2026/06/09 07:02] (current) – external edit 127.0.0.1
Line 89: Line 89:
 firewall-cmd --permanent --add-port=4789/udp firewall-cmd --permanent --add-port=4789/udp
  
-Reload firewall to apply changes +Tell Fedora to trust all traffic on the container network bridges 
-firewall-cmd --reload +firewall-cmd --permanent --zone=trusted --add-interface=cni0 
-</code> +firewall-cmd --permanent --zone=trusted --add-interface=kube-router 
-  Open the firewall ports on the worker node(s)<code> + 
-# Open Kubelet API port and networking tunnels +# Allow pods to masquerade/NAT out to the local network 
-firewall-cmd --permanent --add-port=10250/tcp +firewall-cmd --permanent --zone=trusted --add-masquerade 
-firewall-cmd --permanent --add-port=179/tcp + 
-firewall-cmd --permanent --add-port=4789/udp +firewall-cmd --permanent --zone=trusted --add-source=10.244.0.0/16 
-firewall-cmd --permanent --add-port=8132-8133/tcp+firewall-cmd --permanent --zone=trusted --add-source=10.96.0.0/12
  
 # Reload firewall to apply changes # Reload firewall to apply changes
 firewall-cmd --reload firewall-cmd --reload
 +</code>
 +  - Disable the firewall completely **on the worker nodes** since k8s doesn't like it - Ref: [[https://docs.k0sproject.io/head/networking/#firewalld-k0s|k0s networking - firewalld-k0s]]<code>
 +sudo systemctl stop firewalld && sudo disable firewalld
 </code> </code>
   - Create the cluster<code>   - Create the cluster<code>
projects/k8s/k8s_setup_with_k0s_k0sctl.1779864369.txt.gz · Last modified: by garfield