Hide Forgot
Description of problem: Previous OpenShift releases had API listen on port 8443 by default. With nextgen installer it is 6443. This would be confusing for existing users and a problem by upgrades. Also not sure what configuration will openshift-ansible set because it would still be a supported installation method as far as I know. Version-Release number of the following components: 4.x How reproducible: always Steps to Reproduce: 1. openshift-install Actual results: API listen on 6443 Expected results: API listen on 8443
Cross-linking https://github.com/openshift/origin/issues/21725
*** Bug 1658932 has been marked as a duplicate of this bug. ***
I created a naive pull request to make server listen on 8443 [1]. I just went over installer repo and changed all 6443 ports to 8443. It doesn't work but might serve a starting point for whoever knows what actually needs to be changed. For me ideally api server will listen on 8443 on each master for consistency with openshift-ansible. While LB would serve on 443. Pasting the relevant bits from an internal discussion: > Clayton Coleman: GCP doesn’t even allow TCP proxying on 6443 (tcp proxying being the best of the external facing LB options for our near term needs) > > Ryan Phillips: in bootkube the goal is to run the apiserver as a non-root user https://github.com/kubernetes-incubator/bootkube/pull/789 thus the [current] 6443 port number > > Clayton Coleman: the issue is for the external LB, also that’s not a goal of bootkube any more, we require host access to log audit entries > > Hongan Li: I think 443 is more meaningful [1] https://github.com/openshift/installer/pull/1123
We've decided to stick with 6443 for the API. We'll make a point to educate customers about the port change.
There's also preliminary testing for load balancers listening on 443 in [1]. [1]: https://github.com/openshift/installer/pull/1378