Configuring Firewalls

After an OS is installed, if a common user is configured, you can add the ALWAYS_SET_PATH field to the /etc/login.defs file and set it to yes to prevent unauthorized operations. In addition, to prevent the common user from using the su root command to inherit environment variables to escalate the privileges, you can set ALWAYS_SET_PATH in the server configuration file /etc/default/su to yes.

During installation and deployment of Kubernetes, firewalls must be disabled. In the production environment, for security purposes, you must configure the communication ports and network policies of Kubernetes components and KubeEdge CloudCore on firewalls. For details about the configuration method, see the official document.