mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
105 lines
4.2 KiB
Plaintext
105 lines
4.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/install_config/configuring-firewall.adoc
|
|
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="network-flow-matrix_{context}"]
|
|
= {product-title} network flow matrix
|
|
|
|
The following network flow matrixes describe the ingress flows to {product-title} services for the following environments:
|
|
|
|
* {product-title} on bare metal
|
|
* {sno-caps} with other platforms
|
|
* {product-title} on {aws-first}
|
|
* {sno-caps} on {aws-short}
|
|
|
|
Use the information in the appropriate network flow matrix to help you manage ingress traffic for your specific environment. You can restrict ingress traffic to essential flows to improve network security.
|
|
|
|
Additionally, consider the following dynamic port ranges when managing ingress traffic for both bare metal and cloud environments:
|
|
|
|
* `9000-9999`: Host level services
|
|
* `30000-32767`: Kubernetes node ports
|
|
* `49152-65535`: Dynamic or private ports
|
|
|
|
To view or download the complete raw CSV content for an environment, see the following resources:
|
|
|
|
* link:https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/raw/bm.csv[{product-title} on bare metal]
|
|
|
|
* link:https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/raw/none-sno.csv[{sno-caps} with other platforms]
|
|
|
|
* link:https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/raw/aws.csv[{product-title} on {aws-short}]
|
|
|
|
* link:https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/raw/aws-sno.csv[{sno-caps} on {aws-short}]
|
|
|
|
[NOTE]
|
|
====
|
|
The network flow matrixes describe ingress traffic flows for a base {product-title} or {sno} installation. The matrixes do not apply for {hcp}, Red{nbsp}Hat build of MicroShift, or standalone clusters.
|
|
====
|
|
|
|
[id="network-flow-matrix-common_{context}"]
|
|
== Base network flows
|
|
|
|
The following matrixes describe the base ingress flows to {product-title} services.
|
|
|
|
[NOTE]
|
|
====
|
|
For base ingress flows to {sno} clusters, see the _Control plane node base flows_ matrix only.
|
|
====
|
|
|
|
[id="network-flow-matrix-control_{context}"]
|
|
.Control plane node base flows
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/common-master.csv[]
|
|
|===
|
|
|
|
[id="network-flow-matrix-worker_{context}"]
|
|
.Worker node base flows
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/common-worker.csv[]
|
|
|===
|
|
|
|
[id="network-flow-matrix-bm_{context}"]
|
|
== Additional network flows for {product-title} on bare metal
|
|
|
|
In addition to the base network flows, the following matrix describes the ingress flows to {product-title} services that are specific to {product-title} on bare metal.
|
|
|
|
.{product-title} on bare metal
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/bm.csv[]
|
|
|===
|
|
|
|
[id="network-flow-matrix-sno_{context}"]
|
|
== Additional network flows for {sno} with other platforms
|
|
|
|
In addition to the base network flows, the following matrix describes the ingress flows to {product-title} services that are specific to {sno} configured with `platform: none` in the installation manifest.
|
|
|
|
.{sno-caps} with other platforms
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/none-sno.csv[]
|
|
|===
|
|
|
|
[id="network-flow-matrix-aws_{context}"]
|
|
== Additional network flows for {product-title} on {aws-short}
|
|
|
|
In addition to the base network flows, the following matrix describes the ingress flows to {product-title} services that are specific to {product-title} on {aws-short}.
|
|
|
|
.{product-title} on AWS
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/aws.csv[]
|
|
|===
|
|
|
|
[id="network-flow-matrix-aws-sno_{context}"]
|
|
== Additional network flows for {sno} on {aws-short}
|
|
|
|
In addition to the base network flows, the following matrix describes the ingress flows to {product-title} services that are specific to {sno} on {aws-short}.
|
|
|
|
.{sno-caps} on AWS
|
|
[%header,format=csv]
|
|
|===
|
|
include::https://raw.githubusercontent.com/openshift-kni/commatrix/release-4.20/docs/stable/unique/aws-sno.csv[]
|
|
|=== |