By default, ports between 5900/TCP and 6900/TCP are reserved on cluster nodes for connecting to virtual machines (VMs) via VNC and SPICE. A separate port is used to connect to each VM. If the cluster node hosts more than 1000 VMs, expand the port range used:
- Connect to the cluster node via SSH. For more information about connecting via SSH, see Workstation setup.
- In the /etc/nftables/vmmgr.nft file, find the line that looks like this:
tcp dport { 5900-6900, 16514, 49152-49215, 8443 } ct state { new, untracked } accept comment "vmmanager ports"
Change the "5900-6900" value to the desired range. For example, if you are going to host 2000 VMs on the node, specify the "5900-7900" range:
tcp dport { 5900-7900, 16514, 49152-49215, 8443 } ct state { new, untracked } accept comment "vmmanager ports"
- To apply the settings, we recommend rebooting the cluster node:
reboot
If this is not possible, restart the nftables subsystem with the commands:
nft flush ruleset
nft -f /etc/nftables/vmmgr.nft
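
The edit from the steps above as a shell sketch (an added example, not VMmanager's own tooling): it derives the upper bound the way the page does (1000 VMs gives 6900, 2000 VMs gives 7900), rewrites only the rule tagged "vmmanager ports" and keeps a backup copy. The function names, the table and chain wrapped around the rule in the sample file, and the 65535 limit check are assumptions of this example.

```shell
#!/bin/sh
# Added example: widen the VNC/SPICE range in the "vmmanager ports" rule.
BASE_PORT=5900   # first VNC/SPICE port, from the page

# Upper bound following the page's sizing: 1000 VMs -> 6900, 2000 VMs -> 7900.
vnc_range_end() {
    end=$((BASE_PORT + $1))
    [ "$end" -le 65535 ] || return 1   # stay inside the TCP port space
    echo "$end"
}

# set_vnc_range FILE VM_COUNT: rewrite only the rule tagged "vmmanager ports".
set_vnc_range() {
    file=$1
    end=$(vnc_range_end "$2") || { echo "range too large" >&2; return 1; }
    # Exactly one matching rule is expected; anything else means the file
    # differs from what the page shows, so stop instead of guessing.
    n=$(grep -c "tcp dport { ${BASE_PORT}-[0-9]*,.*comment \"vmmanager ports\"" "$file" || true)
    [ "$n" -eq 1 ] || { echo "expected 1 rule, found $n" >&2; return 1; }
    cp -p "$file" "$file.bak"          # rollback copy
    sed "/comment \"vmmanager ports\"/s/{ ${BASE_PORT}-[0-9]*,/{ ${BASE_PORT}-${end},/" \
        "$file.bak" > "$file"
}

# Constructed sample: a minimal file holding the rule line shown on the page.
demo_rule_after() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/vmmgr.nft" <<'EOF'
table inet filter {
  chain input {
    tcp dport { 5900-6900, 16514, 49152-49215, 8443 } ct state { new, untracked } accept comment "vmmanager ports"
  }
}
EOF
    set_vnc_range "$tmp/vmmgr.nft" "$1" && grep 'vmmanager ports' "$tmp/vmmgr.nft"
    rc=$?
    rm -rf "$tmp"
    return $rc
}

demo_rule_after 2000
```

On the node, `nft -c -f /etc/nftables/vmmgr.nft` parses the edited file without loading it, which catches a typo before the flush-and-reload step.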