@@ -40,6 +40,7 @@ resource "exoscale_security_group_rule" "kubelet" {
40
40
user_security_group_id = exoscale_security_group. my_sks_security_group . id
41
41
}
42
42
43
+ # mandatory rules for Calico CNI (default)
43
44
resource "exoscale_security_group_rule" "calico_vxlan" {
44
45
security_group_id = exoscale_security_group. my_sks_security_group . id
45
46
description = " VXLAN (Calico)"
@@ -51,6 +52,40 @@ resource "exoscale_security_group_rule" "calico_vxlan" {
51
52
user_security_group_id = exoscale_security_group. my_sks_security_group . id
52
53
}
53
54
55
+ # mandatory rules for Cilium CNI (default)
56
+ # resource "exoscale_security_group_rule" "cilium_icmp_health" {
57
+ # security_group_id = exoscale_security_group.my_sks_security_group.id
58
+ # description = "Cilium ICMP healthcheck"
59
+ # type = "INGRESS"
60
+ # protocol = "ICMP"
61
+ # icmp_type = 8
62
+ # icmp_code = 0
63
+ # # (beetwen worker nodes only)
64
+ # user_security_group_id = exoscale_security_group.my_sks_security_group.id
65
+ # }
66
+
67
+ # resource "exoscale_security_group_rule" "cilium_vxlan" {
68
+ # security_group_id = exoscale_security_group.my_sks_security_group.id
69
+ # description = "VXLan (Cilium)"
70
+ # type = "INGRESS"
71
+ # protocol = "UDP"
72
+ # start_port = 8472
73
+ # end_port = 8472
74
+ # # (beetwen worker nodes only)
75
+ # user_security_group_id = exoscale_security_group.my_sks_security_group.id
76
+ # }
77
+
78
+ # resource "exoscale_security_group_rule" "cilium_udp_health" {
79
+ # security_group_id = exoscale_security_group.my_sks_security_group.id
80
+ # description = "Cilium UDP healthcheck"
81
+ # type = "INGRESS"
82
+ # protocol = "UDP"
83
+ # start_port = 4240
84
+ # end_port = 4240
85
+ # # (beetwen worker nodes only)
86
+ # user_security_group_id = exoscale_security_group.my_sks_security_group.id
87
+ # }
88
+
54
89
resource "exoscale_security_group_rule" "nodeport_tcp" {
55
90
security_group_id = exoscale_security_group. my_sks_security_group . id
56
91
description = " Nodeport TCP services"
0 commit comments