Here is the definition of my problem. I have a single-node kubeadm cluster running on Fedora Cloud 40 VMs with Vagrant.

I activated firewalld with this configuration:

kubernetes
  sources: 10.0.0.0/8 172.16.0.0/12 192.168.100.0/24
public (default)
  interfaces: eth1 eth0
---
public (default, active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: dhcpv6-client mdns ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:
---
kubernetes (active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces: 
  sources: 10.0.0.0/8 172.16.0.0/12 192.168.100.0/24
  services: dhcpv6-client mdns ssh
  ports: 179/tcp 5473/tcp 10250/tcp 6443/tcp 2379-2380/tcp 10251-10252/tcp
  protocols:
  forward: no
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

MetalLB and Tigera Calico are well installed in the cluster. The CoreDNS pods have reached Ready status.

So I started by installing Traefik ingress via Helm. After installation the service works and I can access the dashboard (Traefik).

Finally I installed Kubernetes Dashboard via the official Helm. I configured an IngressRoute to point a domain to the Kubernetes Dashboard service.

However, when I try to access the application from my browser via the previously configured host, I get a Bad Gateway response. So I tried deactivating firewalld on the node, and like magic, it works.

Do you have an idea of the firewalld rules that I should add, please? I don't really understand what I'm doing wrong, especially since I thought it was up to Tigera Calico to take care of the cluster's firewall rules.
