Firewalld blocks Rancher cluster DNS: Weave CNI does not work with firewalld on RHEL 8 based OSs
This document (000020713) is provided subject to the disclaimer at the end of this document.
The firewalld service blocks Rancher cluster DNS on RHEL 8.
Steps to reproduce:
1. Install and set up RKE on RHEL 8.
2. CoreDNS is deployed as part of the RKE setup.
3. Start the firewalld service on the RHEL 8 nodes.
After the firewalld service is started, Kubernetes pod logs return a connection error:
ent-041273.voicelab.local. A: read udp 172.21.0.19:58953->18.104.22.168:53: i/o timeout
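As an added example (not part of the original SUSE article), the following shell functions summarise upstream DNS timeouts of the kind shown above from CoreDNS-style pod logs, grouped by the resolver that stopped answering, and print the firewalld state next to the counts. The sample log lines, names and addresses are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the SUSE article): count DNS forward timeouts in
# CoreDNS-style pod logs, per upstream resolver (IPv4). Matches the line shape
#   <name>. <type>: read udp <src>:<port>-><dst>:53: i/o timeout

# Constructed sample input: names and addresses are placeholders.
SAMPLE_LOG='[ERROR] plugin/errors: 2 app.example.com. A: read udp 10.42.0.5:58953->192.0.2.53:53: i/o timeout
[INFO] 10.42.0.7:41234 - 1234 "A IN ok.example.com. udp 32 false 512" NOERROR qr,rd,ra 62 0.003s
[ERROR] plugin/errors: 2 db.example.com. AAAA: read udp 10.42.0.5:40112->192.0.2.53:53: i/o timeout
[ERROR] plugin/errors: 2 api.example.com. A: read udp 10.42.0.9:51000->198.51.100.10:53: i/o timeout'

# dns_timeouts: log text on stdin -> "<count> <resolver-ip>" lines,
# most affected resolver first. Non-matching lines are ignored.
dns_timeouts() {
    sed -n 's/.*read udp [0-9.]*:[0-9]*->\([0-9.]*\):53: i\/o timeout.*/\1/p' |
        sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# dns_timeout_total: log text on stdin -> total number of timed-out queries.
dns_timeout_total() {
    grep -c 'read udp .*:53: i/o timeout' || true
}

# firewalld_state: "active", "inactive", ... or "unknown" without systemctl.
firewalld_state() {
    if command -v systemctl >/dev/null 2>&1; then
        systemctl is-active firewalld 2>/dev/null || true
    else
        echo unknown
    fi
}

# report: print a summary for the log text on stdin.
report() {
    log=$(cat)
    echo "firewalld: $(firewalld_state)"
    echo "timed-out DNS queries: $(printf '%s\n' "$log" | dns_timeout_total)"
    printf '%s\n' "$log" | dns_timeouts | while read -r n ip; do
        echo "  $ip: $n timeouts"
    done
}

printf '%s\n' "$SAMPLE_LOG" | report
```

On a cluster node, pipe the CoreDNS pod logs into report in place of the sample input.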
Firewalld blocks these required ports:
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 000020713
- Creation Date: 11-Oct-2022
- Modified Date: 11-Oct-2022
- SUSE Rancher