mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
61 lines
1.6 KiB
Plaintext
61 lines
1.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * microshift_networking/microshift-firewall.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="microshift-firewall-optional-settings_{context}"]
|
|
= Using optional port settings
|
|
|
|
The {microshift-short} firewall service allows optional port settings.
|
|
|
|
.Procedure
|
|
|
|
* To add customized ports to your firewall configuration, use the following command syntax:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ sudo firewall-cmd --permanent --zone=public --add-port=<port number>/<port protocol>
|
|
----
|
|
+
|
|
.Optional ports
|
|
[option="header"]
|
|
|===
|
|
|Port(s)|Protocol(s)|Description
|
|
|
|
|80
|
|
|TCP
|
|
|HTTP port used to serve applications through the {ocp} router.
|
|
|
|
|443
|
|
|TCP
|
|
|HTTPS port used to serve applications through the {ocp} router.
|
|
|
|
|5353
|
|
|UDP
|
|
|mDNS service to respond for {ocp} route mDNS hosts.
|
|
|
|
|30000-32767
|
|
|TCP
|
|
|Port range reserved for NodePort services; can be used to expose applications on the LAN.
|
|
|
|
|30000-32767
|
|
|UDP
|
|
|Port range reserved for NodePort services; can be used to expose applications on the LAN.
|
|
|
|
|6443
|
|
|TCP
|
|
|HTTPS API port for the {product-title} API.
|
|
|===
|
|
|
|
The following are examples of commands used when requiring external access through the firewall to services running on {microshift-short}, such as port 6443 for the API server, for example, ports 80 and 443 for applications exposed through the router.
|
|
|
|
.Example command
|
|
|
|
* Configuring a port for the {microshift-short} API server:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ sudo firewall-cmd --permanent --zone=public --add-port=6443/tcp
|
|
----
|
|
|
|
To close unnecessary ports in your {microshift-short} instance, follow the procedure in "Closing unused or unnecessary ports to enhance network security". |