Document URL:

https://docs.openshift.com/container-platform/4.10/installing/installing_vsphere/installing-vsphere.html#installation-load-balancing-user-infra_installing-vsphere

Section Number and Name:

Installing / Installing on vSphere / Installing a cluster on vSphere with user-provisioned infrastructure

Describe the issue:

Table 9 shows that it is required to expose stats port 1936 through ingress load balancer. That is not correct and doesn't make any sense.

Port 1936 must be allowed from the firewalls because internal components need to be able to reach it for monitoring purposes. However, the main ingress load balancer should not expose it, as users don't need to access those stats (and in most cases, shouldn't).

Suggestions for improvement:

• Remove that port from Table 9
• Make more explicit that the port needs to be open on the ingress nodes at firewalls, but not exposed via balancer.

Additional information:

Even the example config "Sample API and application ingress load balancer configuration" doesn't forward that port, but uses it to expose the stats from the example ingress load balancer.