Here is the definition of my problem. I have a single-node kubeadm cluster running on Fedora Cloud 40 VMs with Vagrant.
I activated firewalld with this configuration:
kubernetes
  sources: 10.0.0.0/8 172.16.0.0/12 192.168.100.0/24
public (default)
  interfaces: eth1 eth0
---
public (default, active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources:
  services: dhcpv6-client mdns ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
---
kubernetes (active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces:
  sources: 10.0.0.0/8 172.16.0.0/12 192.168.100.0/24
  services: dhcpv6-client mdns ssh
  ports: 179/tcp 5473/tcp 10250/tcp 6443/tcp 2379-2380/tcp 10251-10252/tcp
  protocols:
  forward: no
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
MetalLB and Tigera Calico are correctly installed in the cluster. The CoreDNS pods have reached Ready status.
So I started by installing the Traefik ingress via Helm. After installation the service works and I can access the Traefik dashboard.
Finally, I installed Kubernetes Dashboard via the official Helm chart. I configured an IngressRoute to point a domain to the Kubernetes Dashboard service.
However, when I try to access the application from my browser via the previously configured host, I get a "bad gateway" response.
So I tried deactivating firewalld on the node and, like magic, it works.
Do you have an idea of the firewalld rules that I should add please? I don't really understand what I'm doing wrong, especially since I thought it was up to Tigera Calico to take care of the cluster's firewall rules.