I'm setting up a Kubernetes cluster in a production environment using RKE2, but my security team insists that the firewall should remain active. Is it possible to run RKE2 with the firewall on? I've checked the documentation, but it hasn't helped me resolve the issue.
1 Answer
Yes, you can definitely run RKE2 with the firewall enabled. Just make sure to open the necessary ports mentioned in the documentation on your firewall. For instance, I have successfully set up RKE2 on AWS EC2 and configured a Security Group that opens only the required ports instead of allowing traffic from everywhere. This keeps things secure while ensuring everything functions properly.
Just a heads up, if you're using firewalld, it can conflict with the CNI when applying rules. Disabling firewalld while using custom iptables rules might satisfy your security requirements and keep RKE2 running smoothly.