Some distributions of Linux derived from RHEL, including Oracle Linux, may have default firewall rules that block communication with Helm.
For example, one Oracle Linux image in AWS has REJECT rules that stop Helm from communicating with Tiller:
This section describes how to use firewalld to apply the firewall port rules for nodes in a high-availability Rancher server cluster.
Prerequisite
Install v7.x or later of firewalld:
Applying Firewall Port Rules
firewall-cmd --permanent --add-port=22/tcp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=2379/tcp
firewall-cmd --permanent --add-port=2380/tcp
firewall-cmd --permanent --add-port=6443/tcp
firewall-cmd --permanent --add-port=9099/tcp
firewall-cmd --permanent --add-port=10254/tcp
firewall-cmd --permanent --add-port=30000-32767/tcp
If your Rancher server nodes have separate roles, use the following commands based on the role of the node:
After the firewall-cmd commands have been run on a node, use the following command to enable the firewall rules:
firewall-cmd --reload
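To confirm that a node ended up with the ports listed above, and that the permanent rules were actually loaded into the running firewall, the output of firewall-cmd --list-ports can be audited against that list. The script below is an added example, not part of the Rancher documentation; the helper names (covers, missing_ports, report) are hypothetical, and the sample port lists used when firewall-cmd is absent are constructed.

```shell
#!/bin/sh
# Added example: audit a node's firewalld ports against the list on this page.
REQUIRED_PORTS="22/tcp 80/tcp 2379/tcp 2380/tcp 6443/tcp 9099/tcp 10254/tcp 30000-32767/tcp"

# covers OPEN WANT: true if opened entry OPEN (port or lo-hi range, "/proto")
# fully contains WANT for the same protocol.
covers() {
    [ "${1#*/}" = "${2#*/}" ] || return 1
    o=${1%/*}; w=${2%/*}
    [ "${o%-*}" -le "${w%-*}" ] 2>/dev/null && [ "${o#*-}" -ge "${w#*-}" ] 2>/dev/null
}

# missing_ports LIST: print required entries not covered by LIST, where LIST is
# the space-separated output of `firewall-cmd --list-ports`.
missing_ports() {
    missing=""
    for want in $REQUIRED_PORTS; do
        found=no
        for open in $1; do
            if covers "$open" "$want"; then found=yes; break; fi
        done
        [ "$found" = yes ] || missing="$missing $want"
    done
    echo "${missing# }"
}

# report LABEL LIST: one summary line per configuration (hypothetical helper).
report() {
    m=$(missing_ports "$2")
    if [ -z "$m" ]; then echo "$1: all required ports open"; else echo "$1: missing $m"; fi
}

if command -v firewall-cmd >/dev/null 2>&1; then
    # Permanent rules only become the runtime rules after `firewall-cmd --reload`.
    report permanent "$(firewall-cmd --permanent --list-ports 2>/dev/null)"
    report runtime   "$(firewall-cmd --list-ports 2>/dev/null)"
else
    # Constructed sample output: rules added with --permanent but not yet reloaded.
    report permanent "22/tcp 80/tcp 2379-2380/tcp 6443/tcp 9099/tcp 10254/tcp 30000-32767/tcp"
    report runtime   "22/tcp"
fi
```

A "permanent" line that is clean next to a "runtime" line that reports missing ports means the rules were added with --permanent but firewall-cmd --reload has not been run yet.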