Bug 1270960

Summary: [DOCS] Port map for firewalls
Product: OpenShift Container Platform Reporter: Alex Dellapenta <adellape>
Component: DocumentationAssignee: brice <bfallonf>
Status: CLOSED CURRENTRELEASE QA Contact: Vikram Goyal <vigoyal>
Severity: low Docs Contact: Vikram Goyal <vigoyal>
Priority: low    
Version: 3.0.0CC: aos-bugs, bfallonf, ederevea, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-09-27 03:49:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Dellapenta 2015-10-12 18:34:58 UTC 
From https://github.com/openshift/openshift-docs/issues/684:

===

There should be a section in administration guide to let the users know which ports should be open between the openshift environment if there is a firewall between broker and nodes

Say : master to node
node to node
master to master 
external to master

===

See also:

https://github.com/openshift/training/issues/291
Comment 3 brice 2015-11-06 01:44:28 UTC 
A ports doc is now in the OSE 3.0 docs:

https://github.com/openshift/openshift-docs/pull/1136
Comment 4 Vikram Goyal 2015-11-11 20:26:54 UTC 
*** Bug 1280411 has been marked as a duplicate of this bug. ***
Comment 5 Evgheni Dereveanchin 2015-11-17 11:46:40 UTC 
Can we make protocols more visible? I think it would be better to have TCP/80 UDP/4789 rather than notes at the end of the page.

Also a question stands for port 53 - is it supposed to be both TCP and UDP? When I check my master I see that both TCP/53 and UDP/53 are being listened to.

# lsof -i | grep domain
openshift    952       root   40u  IPv4    18625      0t0  TCP *:domain (LISTEN)
openshift    952       root   41u  IPv4    18627      0t0  UDP *:domain
Comment 6 Alex Dellapenta 2015-12-02 15:43:18 UTC 
See comment in https://github.com/openshift/openshift-docs/pull/1136#issuecomment-161337791 for latest.

The table is published in the 3.1 docs, but I'm moving this BZ back to ASSIGNED while I work on getting it into the 3.0 branch correctly (see above GH comment for details). I'll also address Evgheni's protocol suggestion (for both 3.0 and 3.1).
Comment 7 brice 2016-05-24 22:14:26 UTC 
Feedback from ccs list:

"These tables in the 'required ports' section don't specify protocol, could you please add a column containing tcp/udp"
Comment 8 Vikram Goyal 2017-09-20 05:43:36 UTC 
@Brice - this is quite old and I am happy for you to close it if there is no more work to be done on this.
Comment 9 brice 2017-09-27 03:49:47 UTC 
From what I can see, this is currently in the docs, and goes back to 3.1.

I'll close this. Alex, if you disagree and think it needs something else, let me know.