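This is specific to an Ubuntu server, but can be used on other distributions with minor modifications. It lets you open the required ports without turning the firewall off completely. The script calls firewall-cmd, so firewalld must be installed and running on the node.
Create a file called add_ports.sh and add the following contents.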
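#!/bin/bash
# Only run if root
if [ "$EUID" -ne 0 ]; then
    echo "Please run as root"
    exit 1
fi
echo "============================"
echo "Adding necessary ports"
echo "============================"
# Open necessary ports, one "port/protocol" entry per line
while IFS= read -r i; do
    # Skip blank lines
    [ -z "$i" ] && continue
    # Exact match against the permanent config (grep would also match 8080/tcp for 80/tcp)
    if firewall-cmd --permanent --query-port="$i" >/dev/null 2>&1; then
        echo "$i already exists"
    else
        echo "Adding $i"
        firewall-cmd --permanent --add-port="$i"
    fi
done < ./ports_list.txt
# Apply the permanent rules to the running firewall
firewall-cmd --reload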
Then create a file called “ports_list.txt” in the same directory. This list of ports is common to most Kubernetes installations unless custom ports are specified during the install.
9345/tcp
6443/tcp
8472/udp
10250/tcp
2379/tcp
2380/tcp
30000-32767/tcp
179/tcp
4789/tcp
5473/tcp
9098/tcp
9099/tcp
51820/tcp
51821/tcp
443/tcp
80/tcp
Give the script permissions to run on the local system.
chmod +x ./add_ports.sh
Run the script as root; it should open all of the listed ports on the given node.
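To confirm the result, the following added example (not part of the original page) compares ports_list.txt with the ports firewalld has open and reports drift in both directions, so unexpected open ports stand out. The function names valid_entry and audit_ports are hypothetical helpers introduced here.

```shell
#!/bin/sh
# Added example (hypothetical helper names): audit ports_list.txt against firewalld.
# valid_entry SPEC: succeed only for "port/proto" or "low-high/proto",
# proto tcp or udp, ports within 1-65535.
valid_entry() {
    case "$1" in
        */tcp|*/udp) ;;
        *) return 1 ;;
    esac
    _range=${1%/*}
    case "$_range" in
        ''|*[!0-9-]*|-*|*-|*-*-*) return 1 ;;
    esac
    _lo=${_range%-*}; _hi=${_range#*-}
    [ "${#_lo}" -le 5 ] && [ "${#_hi}" -le 5 ] || return 1
    [ "$_lo" -ge 1 ] && [ "$_hi" -le 65535 ] && [ "$_lo" -le "$_hi" ]
}

# audit_ports LIST_FILE "OPEN_PORTS": OPEN_PORTS is the output of
# `firewall-cmd --permanent --list-ports`. Prints MISSING (listed, not open),
# INVALID (malformed line), EXTRA (open, not listed). Whole tokens only: 80/tcp != 8080/tcp.
audit_ports() {
    _open=" $(echo $2) "          # normalise whitespace, pad for token match
    _wanted=" "
    while IFS= read -r _line || [ -n "$_line" ]; do
        _line=$(printf '%s' "$_line" | tr -d ' \t\r')
        case "$_line" in ''|'#'*) continue ;; esac
        if ! valid_entry "$_line"; then
            echo "INVALID $_line"
            continue
        fi
        _wanted="$_wanted$_line "
        case "$_open" in
            *" $_line "*) ;;
            *) echo "MISSING $_line" ;;
        esac
    done < "$1"
    for _p in $_open; do
        case "$_wanted" in
            *" $_p "*) ;;
            *) echo "EXTRA $_p" ;;
        esac
    done
}
# Run the audit only where firewalld and the list file are present.
if command -v firewall-cmd >/dev/null 2>&1 && [ -r ./ports_list.txt ]; then
    audit_ports ./ports_list.txt "$(firewall-cmd --permanent --list-ports)"
fi
```

No output means the permanent firewalld configuration matches the list exactly; an EXTRA line is a port that is open but not in ports_list.txt.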