github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-06 18:54:06 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9670 from cjcullen/fwfix

Browse Source 
Apply test firewalls to both the new gke- node tags and the old k8s- tags
This commit is contained in:
Abhi Shah 2015-06-12 10:13:46 -07:00
commit c08f202fb9
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
cluster/gke/util.sh
View File

@ -166,25 +166,25 @@ function test-setup() {
echo "... in test-setup()" >&2
# Detect the project into $PROJECT if it isn't set
detect-project >&2
detect-minions >&2
# At this point, CLUSTER_NAME should have been used, so its value is final.
MINION_TAG="k8s-${CLUSTER_NAME}-node"
MINION_TAG=$($GCLOUD compute instances describe ${MINION_NAMES[0]} | grep -o "gke-${CLUSTER_NAME}-.\{8\}-node" | head -1)
OLD_MINION_TAG="k8s-${CLUSTER_NAME}-node"
# Open up port 80 & 8080 so common containers on minions can be reached.
# TODO(mbforbes): Is adding ${USER} necessary, and sufficient, to avoid
# collisions here?
"${GCLOUD}" compute firewall-rules create \
"${MINION_TAG}-${USER}-http-alt" \
"${MINION_TAG}-http-alt" \
--allow tcp:80,tcp:8080 \
--project "${PROJECT}" \
--target-tags "${MINION_TAG}" \
--target-tags "${MINION_TAG},${OLD_MINION_TAG}" \
--network="${NETWORK}"
"${GCLOUD}" compute firewall-rules create \
"${MINION_TAG}-${USER}-nodeports" \
"${MINION_TAG}-nodeports" \
--allow tcp:30000-32767,udp:30000-32767 \
--project "${PROJECT}" \
--target-tags "${MINION_TAG}" \
--target-tags "${MINION_TAG},${OLD_MINION_TAG}" \
--network="${NETWORK}"
}
@ -241,10 +241,9 @@ function detect-minions() {
# MINION_NAMES
function detect-minion-names {
detect-project
GROUP_NAME=($(gcloud preview --project "${PROJECT}" instance-groups \
--zone "${ZONE}" list | grep -o "k8s-${CLUSTER_NAME}-.\{8\}-group"))
detect-node-instance-group
MINION_NAMES=($(gcloud preview --project "${PROJECT}" instance-groups \
--zone "${ZONE}" instances --group "${GROUP_NAME}" list \
--zone "${ZONE}" instances --group "${NODE_INSTANCE_GROUP}" list \
| cut -d'/' -f11))
echo "MINION_NAMES=${MINION_NAMES[*]}"
}
@ -310,14 +309,15 @@ function test-teardown() {
echo "... in test-teardown()" >&2
detect-project >&2
detect-minions >&2
# At this point, CLUSTER_NAME should have been used, so its value is final.
MINION_TAG="k8s-${CLUSTER_NAME}-node"
MINION_TAG=$($GCLOUD compute instances describe ${MINION_NAMES[0]} | grep -o "gke-${CLUSTER_NAME}-.\{8\}-node" | head -1)
# First, remove anything we did with test-setup (currently, the firewall).
# NOTE: Keep in sync with names above in test-setup.
"${GCLOUD}" compute firewall-rules delete "${MINION_TAG}-${USER}-http-alt" \
"${GCLOUD}" compute firewall-rules delete "${MINION_TAG}-http-alt" \
--project="${PROJECT}" || true
"${GCLOUD}" compute firewall-rules delete "${MINION_TAG}-${USER}-nodeports" \
"${GCLOUD}" compute firewall-rules delete "${MINION_TAG}-nodeports" \
--project="${PROJECT}" || true
# Then actually turn down the cluster.