openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS#16434: Open the firewall port 53 on TCP for HCP

Browse Source
This commit is contained in:
xenolinux
2025-10-08 14:06:16 +05:30
committed by openshift-cherrypick-robot
parent f78369f3db
commit 99285eda22
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hosted_control_planes/hcp-prepare/hcp-requirements.adoc
View File

@@ -14,6 +14,8 @@ The following requirements apply to {hcp}:
* In order to run the HyperShift Operator, your management cluster needs at least three worker nodes.
* You must open the firewall port `53` on Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) to allow the Domain Name Service (DNS) protocol to work as expected.
* You can run both the management cluster and the worker nodes on-premise, such as on a bare-metal platform or on {VirtProductName}. In addition, you can run both the management cluster and the worker nodes on cloud infrastructure, such as {aws-first}.
* If you use a mixed infrastructure, such as running the management cluster on {aws-short} and your worker nodes on-premise, or running your worker nodes on {aws-short} and your management cluster on-premise, you must use the `PublicAndPrivate` publishing strategy and follow the latency requirements in the support matrix.

6
modules/hcp-proxy-cp-workloads.adoc
View File

@@ -16,9 +16,11 @@ Operators that run in the control plane need to access external services through
* The Ingress Operator needs access to validate external canary routes.
In a hosted cluster, you must send traffic that originates from the Control Plane Operator, Ingress Operator, OAuth server, and OpenShift API server pods through the data plane to the configured proxy and then to its final destination.
* You must open the firewall port `53` on Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) to allow the Domain Name Service (DNS) protocol to work as expected.
In a hosted cluster, you must send traffic that originates from the Control Plane Operator, Ingress Operator, OAuth server, and OpenShift API server pods through the data plane to the configured proxy and then to its final destination.
[NOTE]
====
Some operations are not possible when a hosted cluster is reduced to zero compute nodes; for example, when you import OpenShift image streams from a registry that requires proxy access.
====
====