Restrict k8s worker node addresses.
This commit is contained in:
parent
951b206a6b
commit
efe2069153
1 changed files with 1 additions and 1 deletions
|
@ -9,7 +9,7 @@ set firewall global-options all-ping 'enable'
|
||||||
set firewall group address-group router-addresses address 10.0.0.1
|
set firewall group address-group router-addresses address 10.0.0.1
|
||||||
set firewall group address-group router-addresses address 127.0.0.1
|
set firewall group address-group router-addresses address 127.0.0.1
|
||||||
set firewall group address-group k8s_nodes address '10.1.1.61-10.1.1.63' # master nodes
|
set firewall group address-group k8s_nodes address '10.1.1.61-10.1.1.63' # master nodes
|
||||||
set firewall group address-group k8s_nodes address '10.1.1.70-10.1.1.254' # worker nodes
|
set firewall group address-group k8s_nodes address '10.1.1.70-10.1.1.79' # worker nodes
|
||||||
set firewall group address-group k8s_api address '10.5.0.2'
|
set firewall group address-group k8s_api address '10.5.0.2'
|
||||||
set firewall group address-group k8s_ingress address '10.45.0.1' # external nginx
|
set firewall group address-group k8s_ingress address '10.45.0.1' # external nginx
|
||||||
set firewall group address-group k8s_ingress address '10.45.0.3' # internal nginx
|
set firewall group address-group k8s_ingress address '10.45.0.3' # internal nginx
|
||||||
|
|
Reference in a new issue