Merge pull request #9493 from zalando-incubator/steadybit

linki · web-flow · commit 28739fec727a · 2025-06-04T10:04:30.000+02:00
Open up worker-to-worker communication
diff --git a/cluster/cluster.yaml b/cluster/cluster.yaml
@@ -915,46 +915,12 @@ Resources:
       SourceSecurityGroupId: !Ref MasterSecurityGroup
       ToPort: 10250
     Type: 'AWS::EC2::SecurityGroupIngress'
-  WorkerSecurityGroupIngressFromWorkerToFlannel:
-    Properties:
-      FromPort: 8472
-      GroupId: !Ref WorkerSecurityGroup
-      IpProtocol: udp
-      SourceSecurityGroupId: !Ref WorkerSecurityGroup
-      ToPort: 8472
-    Type: 'AWS::EC2::SecurityGroupIngress'
-  WorkerSecurityGroupIngressFromWorkerToWorkerKubeletAndKubeProxy:
-    Properties:
-      FromPort: 10249 # KubeProxy
-      GroupId: !Ref WorkerSecurityGroup
-      IpProtocol: tcp
-      SourceSecurityGroupId: !Ref WorkerSecurityGroup
-      ToPort: 10250 # Kubelet
-    Type: 'AWS::EC2::SecurityGroupIngress'
-  WorkerSecurityGroupIngressFromWorkerToWorkerSkipperMetrics:
-    Properties:
-      FromPort: 9911
-      GroupId: !Ref WorkerSecurityGroup
-      IpProtocol: tcp
-      SourceSecurityGroupId: !Ref WorkerSecurityGroup
-      ToPort: 9911
-    Type: 'AWS::EC2::SecurityGroupIngress'
-  WorkerSecurityGroupIngressFromWorkerToWorkerSkipperTokeninfoMetrics:
-    Properties:
-      FromPort: 9022
-      GroupId: !Ref WorkerSecurityGroup
-      IpProtocol: tcp
-      SourceSecurityGroupId: !Ref WorkerSecurityGroup
-      ToPort: 9022
-    Type: 'AWS::EC2::SecurityGroupIngress'
-  WorkerSecurityGroupIngressFromWorkerToNodeMonitor:
+  WorkerSecurityGroupWorkerToWorker:
+    Type: AWS::EC2::SecurityGroupIngress
     Properties:
-      FromPort: 9100
-      ToPort: 9101
+      IpProtocol: "-1"
       GroupId: !Ref WorkerSecurityGroup
-      IpProtocol: tcp
       SourceSecurityGroupId: !Ref WorkerSecurityGroup
-    Type: 'AWS::EC2::SecurityGroupIngress'
   EFSSecurityGroupIngressFromWorkerSecurityGroup:
     Properties:
       FromPort: 2049
