From 03503a562715d83069e25fcccd97c7e39488f42f Mon Sep 17 00:00:00 2001
From: Dawn Chen <dawnchen@google.com>
Date: Tue, 28 Oct 2014 13:47:49 -0700
Subject: [PATCH] Always check default-internal firewall absent or not; if not,
 create it anyway.

---
 cluster/gce/util.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh
index e8e62b78c4..6367644a8e 100755
--- a/cluster/gce/util.sh
+++ b/cluster/gce/util.sh
@@ -244,6 +244,9 @@ function kube-up {
     # The network needs to be created synchronously or we have a race. The
     # firewalls can be added concurrent with instance creation.
     gcutil addnetwork "${NETWORK}" --range "10.240.0.0/16"
+  fi
+
+  if ! gcutil getfirewall "${NETWORK}-default-internal" >/dev/null 2>&1; then
     gcutil addfirewall "${NETWORK}-default-internal" \
       --project "${PROJECT}" \
       --norespect_terminal_width \
@@ -251,6 +254,9 @@ function kube-up {
       --network "${NETWORK}" \
       --allowed_ip_sources "10.0.0.0/8" \
       --allowed "tcp:1-65535,udp:1-65535,icmp" &
+  fi
+
+  if ! gcutil getfirewall "${NETWORK}-default-ssh" >/dev/null 2>&1; then
     gcutil addfirewall "${NETWORK}-default-ssh" \
       --project "${PROJECT}" \
       --norespect_terminal_width \