You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/openshift/howto-bring-nsg.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,11 +18,11 @@ Typically, when setting up an ARO cluster, you must designate a resource group f
18
18
19
19
During the cluster creation process, the ARO Resource Provider (RP) establishes a dedicated resource group specific to the cluster's needs. This group houses various cluster-specific resources like node VMs, load balancers, and Network Security Groups (NSGs), as depicted by the Managed Resource Group in the following diagram. The Managed Resource Group is tightly secured, prohibiting any modifications to its contents, including the NSG linked to the VNET subnets specified during cluster creation. In some situations, the NSG generated by the ARO RP might not adhere to the security policies of certain organizations.
20
20
21
-
:::image type="content" source="media/howto-bring-nsg/network-security-group-old.png" alt-text="Diagram showing an overview of how network security groups work in a typical ARO cluster.":::
21
+
:::image type="content" source="media/howto-bring-nsg/network-security-group-old.png" alt-text="Diagram showing an overview of how network security groups work in a typical ARO cluster." lightbox="media/howto-bring-nsg/network-security-group-old.png":::
22
22
23
23
This article shows how to use the "bring your own" Network Security Group (NSG) feature to attach your own preconfigured NSG residing in the Base/VNET resource group (RG) (shown in the following diagram as BYO-NSG) to the ARO cluster subnets. Since you own this preconfigured NSG, you can add/remove rules during the lifetime of the ARO cluster.
24
24
25
-
:::image type="content" source="media/howto-bring-nsg/network-security-group-new.png" alt-text="Diagram showing an overview of how to bring your own network security group works in Azure Red Hat OpenShift.":::
25
+
:::image type="content" source="media/howto-bring-nsg/network-security-group-new.png" alt-text="Diagram showing an overview of how to bring your own network security group works in Azure Red Hat OpenShift." lightbox="media/howto-bring-nsg/network-security-group-new.png":::
26
26
27
27
## General capabilities and limitations
28
28
@@ -90,7 +90,7 @@ This article shows how to use the "bring your own" Network Security Group (NSG)
90
90
91
91
The following example has the Cluster Public Load-balancer as shown in the screenshot/CLI output:
92
92
93
-
:::image type="content" source="media/howto-bring-nsg/ip-configuration-load-balancer.png" alt-text="Screenshot of the cluster's public load balancer as shown with the output from the command.":::
93
+
:::image type="content" source="media/howto-bring-nsg/ip-configuration-load-balancer.png" alt-text="Screenshot of the cluster's public load balancer as shown with the output from the command." lightbox="media/howto-bring-nsg/ip-configuration-load-balancer.png":::
94
94
95
95
```Output
96
96
$ oc get svc | grep tools
@@ -100,6 +100,6 @@ This article shows how to use the "bring your own" Network Security Group (NSG)
100
100
5d20
101
101
```
102
102
103
-
:::image type="content" source="media/howto-bring-nsg/load-balancer-output.png" alt-text="Screenshot showing inbound and outbound security rules.":::
0 commit comments