lib/hetzner/infra/firewall.rb in hetzner-k3s-0.3.4 vs lib/hetzner/infra/firewall.rb in hetzner-k3s-0.3.5
- old
+ new
@@ -42,48 +42,53 @@
def firewall_config
{
name: cluster_name,
rules: [
{
+ "description": "Allow port 22 (SSH)",
"direction": "in",
"protocol": "tcp",
"port": "22",
"source_ips": [
"0.0.0.0/0",
"::/0"
],
"destination_ips": []
},
{
+ "description": "Allow ICMP (ping)",
"direction": "in",
"protocol": "icmp",
"port": nil,
"source_ips": [
"0.0.0.0/0",
"::/0"
],
"destination_ips": []
},
{
+ "description": "Allow port 6443 (Kubernetes API server)",
"direction": "in",
"protocol": "tcp",
"port": "6443",
"source_ips": [
"0.0.0.0/0",
"::/0"
],
"destination_ips": []
},
{
+ "description": "Allow all TCP traffic between nodes on the private network",
"direction": "in",
"protocol": "tcp",
"port": "any",
"source_ips": [
"10.0.0.0/16"
],
"destination_ips": []
},
{
+ "description": "Allow all UDP traffic between nodes on the private network",
"direction": "in",
"protocol": "udp",
"port": "any",
"source_ips": [
"10.0.0.0/16"