1 min • read

Provider Prerequisites for Traffic Manager

GKE

Firewall Rules for private clusters

A GKE cluster with private networking will come preconfigured with firewall rules that prevent the Traffic Manager's webhook injector from being invoked by the Kubernetes API server. For Telepresence to work in such a cluster, you'll need to add a firewall rule allowing the Kubernetes masters to access TCP port 8443 in your pods. For example, for a cluster named tele-webhook-gke in region us-central1-c1: