security group changes for kubectl logs and calico
rossf7 opened this issue · comments
For both kubectl logs
and kubectl exec
to work the master needs to be able to access the kubelet port (default 10250) on the workers.
https://github.com/giantswarm/k8scloudconfig/blob/master/templates.go#L1371
We also need port 179 in both directions from master to worker for the Calico BGP backend.