From 4d4a5860ccfcb3a7ffcce4b442103f1337169248 Mon Sep 17 00:00:00 2001 From: Amber Alston Date: Wed, 17 Sep 2025 16:02:04 -0600 Subject: [PATCH 1/2] Added note about k0s prober until it is eliminated fully --- docs/enterprise/installing-embedded-requirements.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/enterprise/installing-embedded-requirements.mdx b/docs/enterprise/installing-embedded-requirements.mdx index 9f88244ef4..b9291d814d 100644 --- a/docs/enterprise/installing-embedded-requirements.mdx +++ b/docs/enterprise/installing-embedded-requirements.mdx @@ -39,6 +39,8 @@ This topic lists the installation requirements for Replicated Embedded Cluster. * Required only if the application uses the [Replicated private registry](/vendor/private-images-replicated). +**Note:** If monitoring outbound traffic attempts you may see an occasional attempted call to `updates.k0sproject.io`, approximately every 30 minutes. This is a feature of the upstream k0s project to check for k0s updates. The Embedded Cluster does not use this feature and blocking it in your firewall rules will not impact Replicated product functionality. In a coming [patch version](https://github.com/k0sproject/k0s/pull/6328) of upstream k0s 1.33 this probe can be disabled, and this probe chatter will be eliminated from Embedded Cluster. + ## About Firewalld Configuration When Firewalld is enabled in the installation environment, Embedded Cluster modifies the Firewalld config to allow traffic over the pod and service networks and to open the required ports on the host. No additional configuration is required. @@ -86,4 +88,4 @@ The following ports are opened in the default zone: 4789 UDP - \ No newline at end of file + From 30519fdf5660ea1273650d8a10c0a6d462545be7 Mon Sep 17 00:00:00 2001 From: Paige Calvert Date: Wed, 17 Sep 2025 16:57:03 -0600 Subject: [PATCH 2/2] Update installing-embedded-requirements.mdx --- docs/enterprise/installing-embedded-requirements.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/enterprise/installing-embedded-requirements.mdx b/docs/enterprise/installing-embedded-requirements.mdx index b9291d814d..60bc2d735b 100644 --- a/docs/enterprise/installing-embedded-requirements.mdx +++ b/docs/enterprise/installing-embedded-requirements.mdx @@ -39,7 +39,9 @@ This topic lists the installation requirements for Replicated Embedded Cluster. * Required only if the application uses the [Replicated private registry](/vendor/private-images-replicated). -**Note:** If monitoring outbound traffic attempts you may see an occasional attempted call to `updates.k0sproject.io`, approximately every 30 minutes. This is a feature of the upstream k0s project to check for k0s updates. The Embedded Cluster does not use this feature and blocking it in your firewall rules will not impact Replicated product functionality. In a coming [patch version](https://github.com/k0sproject/k0s/pull/6328) of upstream k0s 1.33 this probe can be disabled, and this probe chatter will be eliminated from Embedded Cluster. +:::note +If you monitor the outbound traffic attempts made by Embedded Cluster, you might see an attempted call to `updates.k0sproject.io` approximately every 30 minutes. These calls are made by a feature of the upstream k0s project called `update-prober`, which checks for k0s updates. Embedded Cluster does not use the `update-prober` feature and blocking it in your firewall rules will not affect Replicated product functionality. +::: ## About Firewalld Configuration