Change flannel port from 8472 to 4789

* Change flannel port from the kernel default 8472 to the IANA assigned VXLAN port 4789 * Update firewall rules or security groups for VXLAN * Why now? Calico now offers its own VXLAN backend so standardizing on the IANA port will simplify config * https://github.com/coreos/flannel/blob/master/Documentation/backends.md#vxlan
2025-07-22 10:11:34 +02:00 · 2019-05-06 21:56:38 -07:00
parent 2d19ab8457
commit af18296bc5
16 changed files with 97 additions and 76 deletions
--- a/digital-ocean/container-linux/kubernetes/bootkube.tf
+++ b/digital-ocean/container-linux/kubernetes/bootkube.tf
@ -1,6 +1,6 @@
 # Self-hosted Kubernetes assets (kubeconfig, manifests)
 module "bootkube" {
-  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=b96d641f6d42cf5d9bf3ac36f557aa21cc157680"
+  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=fc7a6fb20abe41ccd40f3449ee8ee7bba7bd9932"

  cluster_name          = "${var.cluster_name}"
  api_servers           = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
--- a/digital-ocean/container-linux/kubernetes/network.tf
+++ b/digital-ocean/container-linux/kubernetes/network.tf
@ -12,7 +12,7 @@ resource "digitalocean_firewall" "rules" {
    },
    {
      protocol    = "udp"
-      port_range  = "8472"
+      port_range  = "4789"
      source_tags = ["${digitalocean_tag.controllers.name}", "${digitalocean_tag.workers.name}"]
    },
    {