kedacore · zroubalik · Mar 15, 2021 · Mar 4, 2021 · Mar 5, 2021
diff --git a/content/docs/2.0/operate/cluster.md b/content/docs/2.0/operate/cluster.md
@@ -26,4 +26,15 @@ Here is an overview of all KEDA deployments and the supported replicas:
 | Deployment     | Support Replicas        | Reasoning                     |
 |----------------|-------------------------|-------------------------------|
 | Operator       | 1                       |                               |
-| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
+| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
+
+## Firewall requirements
+
+KEDA requires to be accessible inside the cluster to be able to autoscale.
+
+Here is an overview of the required ports that need to be accessible for KEDA to work:
+
+| Port   | Why?                                         | Remarks                                              |
+| ------ | -------------------------------------------- | ---------------------------------------------------- |
+| `443`  | Used by Kubernetes API server to get metrics | Required for all platforms, except for Google Cloud. |
+| `6443` | Used by Kubernetes API server to get metrics | Only required for Google Cloud                       |
diff --git a/content/docs/2.1/operate/cluster.md b/content/docs/2.1/operate/cluster.md
@@ -4,17 +4,6 @@ description = "Guidance & requirements for running KEDA in your cluster"
 weight = 100
 +++
 
-## High Availability
-
-KEDA does not provide support for high-availability due to upstream limitations.
-
-Here is an overview of all KEDA deployments and the supported replicas:
-
-| Deployment     | Support Replicas        | Reasoning                     |
-|----------------|-------------------------|-------------------------------|
-| Operator       | 1                       |                               |
-| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
-
 ## Cluster capacity requirements
 
 The KEDA runtime require the following resources in a production-ready setup:
@@ -28,6 +17,28 @@ These are used by default when deploying through YAML.
 
 > 💡 For more info on CPU and Memory resource units and their meaning, see [this](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes) link.
 
+## Firewall requirements
+
+KEDA requires to be accessible inside the cluster to be able to autoscale.
+
+Here is an overview of the required ports that need to be accessible for KEDA to work:
+
+| Port   | Why?                                         | Remarks                                              |
+| ------ | -------------------------------------------- | ---------------------------------------------------- |
+| `443`  | Used by Kubernetes API server to get metrics | Required for all platforms, except for Google Cloud. |
+| `6443` | Used by Kubernetes API server to get metrics | Only required for Google Cloud                       |
+
+## High Availability
+
+KEDA does not provide support for high-availability due to upstream limitations.
+
+Here is an overview of all KEDA deployments and the supported replicas:
+
+| Deployment     | Support Replicas        | Reasoning                     |
+|----------------|-------------------------|-------------------------------|
+| Operator       | 1                       |                               |
+| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
+
 ## HTTP Timeouts
 
 Some scalers issue HTTP requests to external servers (i.e. cloud services). Each applicable scaler uses its own dedicated HTTP client with its own connection pool, and by default each client is set to time out any HTTP request after 3 seconds. 

diff --git a/content/docs/2.2/operate/cluster.md b/content/docs/2.2/operate/cluster.md
@@ -4,40 +4,42 @@ description = "Guidance & requirements for running KEDA in your cluster"
 weight = 100
 +++
 
-## High Availability
-
-KEDA does not provide support for high-availability due to upstream limitations.
-
-Here is an overview of all KEDA deployments and the supported replicas:
-
-| Deployment     | Support Replicas        | Reasoning                     |
-|----------------|-------------------------|-------------------------------|
-| Operator       | 1                       |                               |
-| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
-
 ## Cluster capacity requirements
 
 The KEDA runtime require the following resources in a production-ready setup:
 
 | Deployment     | CPU                     | Memory                        |
-|----------------|-------------------------|-------------------------------|
-| Operator       | Limit: 1, Request: 100m | Limit: 1000Mi, Request: 100Mi |
+| -------------- | ----------------------- | ----------------------------- |
 | Metrics Server | Limit: 1, Request: 100m | Limit: 1000Mi, Request: 100Mi |
+| Operator       | Limit: 1, Request: 100m | Limit: 1000Mi, Request: 100Mi |
 
 These are used by default when deploying through YAML.
 
 > 💡 For more info on CPU and Memory resource units and their meaning, see [this](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes) link.
 
+## Firewall requirements
+
+KEDA requires to be accessible inside the cluster to be able to autoscale.
+
+Here is an overview of the required ports that need to be accessible for KEDA to work:
+
+<!-- markdownlint-disable no-inline-html -->
+| Port   | Why?                                         | Remarks                                                                                                                                                   |
+| ------ | -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `443`  | Used by Kubernetes API server to get metrics | Required for all platforms because it uses Control Plane &#8594; port 443 on the Service IP range communication.<br /><br /> This is not applicable for Google Cloud. |
+| `6443` | Used by Kubernetes API server to get metrics | Only required for Google Cloud because it uses Control Plane &#8594; port 6443 on the Pod IP range for communication                                      |
+<!-- markdownlint-enable no-inline-html -->
+
 ## High Availability
 
 KEDA does not provide support for high-availability due to upstream limitations.
 
 Here is an overview of all KEDA deployments and the supported replicas:
 
-| Deployment     | Support Replicas        | Reasoning                     |
-|----------------|-------------------------|-------------------------------|
-| Operator       | 1                       |                               |
-| Metrics Server | 1                       | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
+| Deployment     | Support Replicas | Reasoning                                                                                                        |
+| -------------- | ---------------- | ---------------------------------------------------------------------------------------------------------------- |
+| Metrics Server | 1                | Limitation in [k8s custom metrics server](https://github.com/kubernetes-sigs/custom-metrics-apiserver/issues/70) |
+| Operator       | 1                |                                                                                                                  |
 
 ## HTTP Timeouts