Commit 2812fbc

Fixed firewall rules
1 parent 270c5e0 commit 2812fbc

1 file changed

+18
-18
lines changed

articles/operator-nexus/howto-platform-prerequisites.md

Lines changed: 18 additions & 18 deletions
@@ -399,16 +399,16 @@ Terminal Server has been deployed and configured as follows:
399399
400400
## iDRAC IP Assignment
401401
402-
Before deploying AODS software, it’s best for the Operator to set the iDRAC IPs while organizing the hardware racks. Here’s how to map servers to IPs:
402+
Before deploying the Nexus Cluster, it’s best for the operator to set the iDRAC IPs while organizing the hardware racks. Here’s how to map servers to IPs:
403403
404404
- Assign IPs based on each server’s position within the rack.
405-
- Use the fourth /24 block from the /19 subnet allocated for fabric.
405+
- Use the fourth /24 block from the /19 subnet allocated for Fabric.
406406
- Start assigning IPs from the bottom server upwards in each rack, beginning with 0.11.
407-
- Continue to assign IPs in sequence to the first server at the bottom of the subsequent next rack.
407+
- Continue to assign IPs in sequence to the first server at the bottom of the next rack.
408408
409409
### Example
410410
411-
Fabric range: 10.1.0.0-10.1.31.255 – iDRAC subnet at fourth /24 is 10.1.3.0/24
411+
Fabric range: 10.1.0.0-10.1.31.255 – iDRAC subnet at fourth /24 is 10.1.3.0/24.
412412
413413
| Rack | Server | iDRAC IP |
414414
|--------|---------------|---------------|
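
Review bot: In the bullet list, the unchanged line "beginning with 0.11" is still ambiguous next to the reworded bullets: it reads as an address fragment, while the Example line gives the iDRAC subnet as 10.1.3.0/24. Since this change already touches the neighbouring bullets, spell out which octets "0.11" refers to so the rule and the example agree. Separately, "Fabric" is now capitalised in the bullet while "operator" is lowercased in the intro; if "Fabric" is meant as a product term, say so once so later edits stay consistent.
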
@@ -453,7 +453,7 @@ Fabric range: 10.1.0.0-10.1.31.255 – iDRAC subnet at fourth /24 is 10.1.3.0/24
453453
| Rack 4 | Controller 1 | 10.1.3.49/24 |
454454
| Rack 4 | Controller 2 | 10.1.3.50/24 |
455455
456-
An example design of three instances using sequential /19 networks in a /16:
456+
An example design of three on-premises instances from the same NFC/CM pair, using sequential /19 networks in a /16:
457457
458458
| Instance | Fabric Range | iDRAC subnet |
459459
|------------|-------------------------|--------------|
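
Review bot: The added line 456 introduces "NFC/CM pair" without expanding either abbreviation, and nothing in the visible context of this hunk defines them. Expand both on first use or link to where they are defined. The sentence now also implies that the sequential /19 layout depends on the instances sharing that pair; one clause saying why would help an operator planning address space for a second pair.
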
@@ -466,24 +466,24 @@ An example design of three instances using sequential /19 networks in a /16:
466466
- All network fabric devices (except for the Terminal Server) are set to `ZTP` mode
467467
- Servers have default factory settings
468468
469-
## Firewall rules between Azure to undercloud.
469+
## Firewall rules between Azure to Nexus Cluster.
470470
471-
To establish firewall rules between Azure and the undercloud, the Operator must open the specified ports. This ensures proper communication and connectivity for required services.
471+
To establish firewall rules between Azure and the Nexus Cluster, the operator must open the specified ports. This ensures proper communication and connectivity for required services.
472472
473473
474474
| S.No | Source | Destination | Port (TCP/UDP) | Bidirectional | Rule Purpose |
475475
|------|------------------------|-----------------------|-----------------|----------------|----------------------------------------------------------|
476-
| 1 | Azure virtual network | Undercloud | 22 TCP | No | For SSH to undercloud servers from the CM subnet. |
477-
| 2 | Azure virtual network | Undercloud | 443 TCP | No | To access undercloud nodes iDRAC |
478-
| 3 | Azure virtual network | Undercloud | 5900 TCP | No | Gnmi |
479-
| 4 | Azure virtual network | Undercloud | 6030 TCP | No | Gnmi Certs |
480-
| 5 | Azure virtual network | Undercloud | 6443 TCP | No | To access undercloud K8S cluster |
481-
| 6 | Undercloud | Azure virtual network | 8080 TCP | Yes | For mounting ISO image into iDRAC, NNF runtime upgrade |
482-
| 7 | Undercloud | Azure virtual network | 3128 TCP | No | Proxy to connect to global Azure endpoints |
483-
| 8 | Undercloud | Azure virtual network | 53 TCP and UDP | No | DNS |
484-
| 9 | Undercloud | Azure virtual network | 123 UDP | No | NTP |
485-
| 10 | Undercloud | Azure virtual network | 8888 TCP | No | Connecting to Cluster Manager webservice |
486-
| 11 | Undercloud | Azure virtual network | 514 TCP and UDP | No | To access undercloud logs from the Cluster Manager |
476+
| 1 | Azure virtual network | Cluster | 22 TCP | No | For SSH to undercloud servers from the CM subnet. |
477+
| 2 | Azure virtual network | Cluster | 443 TCP | No | To access undercloud nodes iDRAC |
478+
| 3 | Azure virtual network | Cluster | 5900 TCP | No | Gnmi |
479+
| 4 | Azure virtual network | Cluster | 6030 TCP | No | Gnmi Certs |
480+
| 5 | Azure virtual network | Cluster | 6443 TCP | No | To access undercloud K8S cluster |
481+
| 6 | Cluster | Azure virtual network | 8080 TCP | Yes | For mounting ISO image into iDRAC, NNF runtime upgrade |
482+
| 7 | Cluster | Azure virtual network | 3128 TCP | No | Proxy to connect to global Azure endpoints |
483+
| 8 | Cluster | Azure virtual network | 53 TCP and UDP | No | DNS |
484+
| 9 | Cluster | Azure virtual network | 123 UDP | No | NTP |
485+
| 10 | Cluster | Azure virtual network | 8888 TCP | No | Connecting to Cluster Manager webservice |
486+
| 11 | Cluster | Azure virtual network | 514 TCP and UDP | No | To access undercloud logs from the Cluster Manager |
487487
488488
489489
## Install CLI extensions and sign-in to your Azure subscription
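
Review bot: The rename is incomplete in the firewall table: the heading, the intro and the Source/Destination columns now say "Nexus Cluster" or "Cluster", but the Rule Purpose cells on rows 1, 2, 5 and 11 still say "undercloud". Update those cells so a reader mapping rules to hosts sees one name. The new heading keeps "between Azure to" and the trailing period; "between Azure and Nexus Cluster" without the period reads correctly. For a firewall specification, the Source "Azure virtual network" is wider than row 1's own purpose text ("from the CM subnet"); naming the CM subnet as the source on the inbound rows would let operators write tighter rules. "Gnmi" on rows 3 and 4 should be "gNMI".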
