Added destination column on networking requirements

Signed-off-by: Roberto Bonafiglia <[email protected]>
rancher · Sep 6, 2023 · e38c3ae · e38c3ae
1 parent 2c025af
commit e38c3ae
Showing 1 changed file with 26 additions and 25 deletions.
diff --git a/docs/install/requirements.md b/docs/install/requirements.md
@@ -90,33 +90,34 @@ If you wish to utilize the metrics server, you will need to open port 10250 on e
 
 ### Inbound Network Rules
 
-| Protocol | Port | Source | Description
-|-----|-----|----------------|---|
-| TCP | 9345 | RKE2 agent nodes | Kubernetes API
-| TCP | 6443 | RKE2 agent nodes | Kubernetes API
-| UDP | 8472 | RKE2 server and agent nodes | Required only for Flannel VXLAN
-| TCP | 10250 | RKE2 server and agent nodes | kubelet
-| TCP | 2379 | RKE2 server nodes | etcd client port
-| TCP | 2380 | RKE2 server nodes | etcd peer port
-| TCP | 30000-32767 | RKE2 server and agent nodes | NodePort port range
-| UDP | 8472 | RKE2 server and agent nodes | Cilium CNI VXLAN
-| TCP | 4240 | RKE2 server and agent nodes | Cilium CNI health checks
-| ICMP | 8/0 | RKE2 server and agent nodes | Cilium CNI health checks
-| TCP | 179 | RKE2 server and agent nodes | Calico CNI with BGP
-| UDP | 4789 | RKE2 server and agent nodes | Calico CNI with VXLAN
-| TCP | 5473 | RKE2 server and agent nodes | Calico CNI with Typha
-| TCP | 9098 | RKE2 server and agent nodes | Calico Typha health checks
-| TCP | 9099 | RKE2 server and agent nodes | Calico health checks
-| TCP | 5473 | RKE2 server and agent nodes | Calico CNI with Typha
-| UDP | 8472 | RKE2 server and agent nodes | Canal CNI with VXLAN
-| TCP | 9099 | RKE2 server and agent nodes | Canal CNI health checks
-| UDP | 51820 | RKE2 server and agent nodes | Canal CNI with WireGuard IPv4
-| UDP | 51821 | RKE2 server and agent nodes | Canal CNI with WireGuard IPv6/dual-stack
+| Protocol | Port        | Source            | Destination       | Description
+|----------|-------------|-------------------|-------------------|---|
+| TCP      | 9345        | RKE2 agent nodes  | RKE2 server nodes | RKE2 supervisor API
+| TCP      | 6443        | RKE2 agent nodes  | RKE2 server nodes | Kubernetes API
+| UDP      | 8472        | All RKE2 nodes    | All RKE2 nodes    | Required only for Flannel VXLAN
+| TCP      | 10250       | All RKE2 nodes    | All RKE2 nodes    | kubelet metrics
+| TCP      | 2379        | RKE2 server nodes | RKE2 server nodes | etcd client port
+| TCP      | 2380        | RKE2 server nodes | RKE2 server nodes | etcd peer port
+| TCP      | 30000-32767 | All RKE2 nodes    | All RKE2 nodes    | NodePort port range
+| UDP      | 8472        | All RKE2 nodes    | All RKE2 nodes    | Cilium CNI VXLAN
+| TCP      | 4240        | All RKE2 nodes    | All RKE2 nodes    | Cilium CNI health checks
+| ICMP     | 8/0         | All RKE2 nodes    | All RKE2 nodes    | Cilium CNI health checks
+| TCP      | 179         | All RKE2 nodes    | All RKE2 nodes    | Calico CNI with BGP
+| UDP      | 4789        | All RKE2 nodes    | All RKE2 nodes    | Calico CNI with VXLAN
+| TCP      | 5473        | All RKE2 nodes    | All RKE2 nodes    | Calico CNI with Typha
+| TCP      | 9098        | All RKE2 nodes    | All RKE2 nodes    | Calico Typha health checks
+| TCP      | 9099        | All RKE2 nodes    | All RKE2 nodes    | Calico health checks
+| TCP      | 5473        | All RKE2 nodes    | All RKE2 nodes    | Calico CNI with Typha
+| UDP      | 8472        | All RKE2 nodes    | All RKE2 nodes    | Canal CNI with VXLAN
+| TCP      | 9099        | All RKE2 nodes    | All RKE2 nodes    | Canal CNI health checks
+| UDP      | 51820       | All RKE2 nodes    | All RKE2 nodes    | Canal CNI with WireGuard IPv4
+| UDP      | 51821       | All RKE2 nodes    | All RKE2 nodes    | Canal CNI with WireGuard IPv6/dual-stack
 
 ### Windows Specific Inbound Network Rules
 
-| Protocol | Port | Source | Description
-|-----|-----|----------------|---|
-| UDP | 4789 | RKE2 server nodes | Required for Calico and Flannel VXLAN
+| Protocol | Port | Source            | Destination       | Description
+|----------|------|-------------------|-------------------|---|
+| UDP      | 4789 | All RKE2 nodes    | All RKE2 nodes    | Required for Calico and Flannel VXLAN
+| TCP      | 179  | All RKE2 nodes    | All RKE2 nodes    | Calico CNI with BGP
 
 Typically, all outbound traffic will be allowed.