Merge pull request #76773 from mm4tt/kubemark_firewall

Create the "internal" firewall rule for kubemark master.
2025-07-22 11:21:47 +00:00 · 2019-04-18 13:02:14 -07:00 · 2019-04-18 13:02:14 -07:00 · 888d26d119
commit 888d26d119
parent 71152575e7 02f282187b
1 changed files with 11 additions and 0 deletions
--- a/test/kubemark/gce/util.sh
+++ b/test/kubemark/gce/util.sh
@ -102,6 +102,13 @@ function create-master-instance-with-resources {
    --target-tags "${MASTER_TAG}" \
    --allow "tcp:443" &

+  run-gcloud-compute-with-retries firewall-rules create "${MASTER_NAME}-internal" \
+    --project "${PROJECT}" \
+    --network "${NETWORK}" \
+    --source-ranges "10.0.0.0/8" \
+    --target-tags "${MASTER_TAG}" \
+    --allow "tcp:1-2379,tcp:2382-65535,udp:1-65535,icmp" &
+
  wait
 }

@ -136,6 +143,10 @@ function delete-master-instance-and-resources {
 	  --project "${PROJECT}" \
 	  --quiet || true

+  gcloud compute firewall-rules delete "${MASTER_NAME}-internal" \
+	  --project "${PROJECT}" \
+	  --quiet || true
+
  if [ "${SEPARATE_EVENT_MACHINE:-false}" == "true" ]; then
 	  gcloud compute instances delete "${EVENT_STORE_NAME}" \
    	  "${GCLOUD_COMMON_ARGS[@]}" || true