Use the cluster name in the names of the firewall rules that allow cluster-internal traffic to disambiguate the rules belonging to different clusters.

2025-07-30 06:54:01 +00:00 · 2016-12-12 10:58:29 -08:00 · 2016-12-12 10:58:29 -08:00 · d92cf4df5e
commit d92cf4df5e
parent b5cf713bc7
1 changed files with 4 additions and 4 deletions
--- a/cluster/gce/util.sh
+++ b/cluster/gce/util.sh
@ -653,8 +653,8 @@ function create-network() {
    gcloud compute networks create --project "${PROJECT}" "${NETWORK}" --range "10.240.0.0/16"
  fi

-  if ! gcloud compute firewall-rules --project "${PROJECT}" describe "${NETWORK}-default-internal-master" &>/dev/null; then
-    gcloud compute firewall-rules create "${NETWORK}-default-internal-master" \
+  if ! gcloud compute firewall-rules --project "${PROJECT}" describe "${NETWORK}-${CLUSTER_NAME}-default-internal-master" &>/dev/null; then
+    gcloud compute firewall-rules create "${NETWORK}-${CLUSTER_NAME}-default-internal-master" \
      --project "${PROJECT}" \
      --network "${NETWORK}" \
      --source-ranges "10.0.0.0/8" \
@ -662,8 +662,8 @@ function create-network() {
      --target-tags "${MASTER_TAG}"&
  fi

-  if ! gcloud compute firewall-rules --project "${PROJECT}" describe "${NETWORK}-default-internal-node" &>/dev/null; then
-    gcloud compute firewall-rules create "${NETWORK}-default-internal-node" \
+  if ! gcloud compute firewall-rules --project "${PROJECT}" describe "${NETWORK}-${CLUSTER_NAME}-default-internal-node" &>/dev/null; then
+    gcloud compute firewall-rules create "${NETWORK}-${CLUSTER_NAME}-default-internal-node" \
      --project "${PROJECT}" \
      --network "${NETWORK}" \
      --source-ranges "10.0.0.0/8" \