Run Rancher 2.x HA without port 22?

Hello, everyone.

I have a working cluster in a HA install, and my nodes are hosted in AWS. For security reasons, I have to close port 22 on any Worker nodes from this cluster. Thing is, I think it stops me from registering new nodes in my cluster. In other words, I can’t seem to register nodes that don’t have port 22 open for everyone. Trying to do so gets me stuck in “Waiting to register with Kubernetes”.

In AWS we have security groups acting like firewall rules, and I tried making SSH only accessible to the HA nodes’ IPs, but that didn’t work…

My question is: is there any way I can register new nodes without port 22 being open to the world?