Expand Up @@ -10,11 +10,6 @@ toc::[]
[role="_abstract"]
Use this guide to implement egress restrictions for {product-title} on {GCP} by using {GCP}'s Next Generation Firewall (NGFW). NGFW is a fully distributed firewall service that allows fully qualified domain name (FQDN) objects in firewall policy rules. This is necessary for many of the external endpoints that {product-title} relies on.

[IMPORTANT]
====
The ability to restrict egress traffic using a firewall or other network device is only supported with {product-title} clusters deployed using Private Service Connect (PSC). Clusters that do not use PSC require a support exception to use this functionality. For additional assistance, please open a link:https://access.redhat.com/support/cases/?extIdCarryOver=true&sc_cid=701f2000001Css5AAC#/case/new/get-support?caseCreate=true[support case].
====

include::modules/cloud-experts-osd-limit-egress-ngfw-prereqs.adoc[leveloffset=+1]

include::modules/cloud-experts-osd-limit-egress-ngfw-setup-environ.adoc[leveloffset=+1]
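Review bot: The five lines dropped here (-10,11 +10,6) are the IMPORTANT block, which was the only place in the visible part of this assembly that stated the support boundary: egress restriction is supported only on clusters deployed with Private Service Connect, and other clusters need a support exception. The abstract that remains does not say which deployment types are covered. If the restriction has been lifted, state that in the PR description and consider one sentence in the abstract saying so; if it has not, keep the admonition, because a reader applying a restrictive egress policy to a non-PSC cluster would no longer be told it is unsupported.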
9 changes: 0 additions & 9 deletions modules/osd-gcp-psc-firewall-prerequisites.adoc
Expand Up @@ -8,11 +8,6 @@

If you are using a firewall to control egress traffic from {product-title} on {GCP}, you must configure your firewall to grant access to certain domains and port combinations listed in the tables below. {product-title} requires this access to provide a fully managed OpenShift service.

[IMPORTANT]
====
Only {product-title} on {GCP} clusters deployed with Private Service Connect can use a firewall to control egress traffic.
====

// .Prerequisites
// Per SMEs, no prereqs. Will confirm with QE when ticket is reviewed.

Expand Down Expand Up @@ -70,10 +65,6 @@ Only {product-title} on {GCP} clusters deployed with Private Service Connect can
|443
|Required. Allows interactions between the cluster and {cluster-manager-first} to enable functionality, such as scheduling upgrades.

|`sso.redhat.com`
|443
|The `https://console.redhat.com/openshift` site uses authentication from `sso.redhat.com`.

|`catalog.redhat.com`
|443
|The `registry.access.redhat.com` and `https://registry.redhat.io` sites redirect through `catalog.redhat.com`.
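Review bot: Removing the `sso.redhat.com` row from the allowlist table needs a stated reason, because readers build their firewall rules directly from this table and the deleted description tied that host to authentication for `https://console.redhat.com/openshift`. Confirm that nothing on the cluster's egress path still authenticates against `sso.redhat.com`, including the {cluster-manager-first} interactions marked Required in the row above. If the host is only reached from an administrator's browser and never from the cluster, say so in the PR description so the removal can be audited later.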