Merge pull request #77117 from mm4tt/automated-cherry-pick-of-#76773-upstream-release-1.14

Automated cherry pick of #76773: Create the "internal" firewall rule for kubemark master.
2019-05-02 14:00:49 -07:00 · 2019-05-02 14:00:49 -07:00 · 8e8dea6d8a
parent f350b2cfed 88772692b8
commit 8e8dea6d8a
1 changed files with 11 additions and 0 deletions
--- a/test/kubemark/gce/util.sh
+++ b/test/kubemark/gce/util.sh
@ -102,6 +102,13 @@ function create-master-instance-with-resources {
    --target-tags "${MASTER_TAG}" \
    --allow "tcp:443" &

+  run-gcloud-compute-with-retries firewall-rules create "${MASTER_NAME}-internal" \
+    --project "${PROJECT}" \
+    --network "${NETWORK}" \
+    --source-ranges "10.0.0.0/8" \
+    --target-tags "${MASTER_TAG}" \
+    --allow "tcp:1-2379,tcp:2382-65535,udp:1-65535,icmp" &
+
  wait
 }

@ -136,6 +143,10 @@ function delete-master-instance-and-resources {
 	  --project "${PROJECT}" \
 	  --quiet || true

+  gcloud compute firewall-rules delete "${MASTER_NAME}-internal" \
+	  --project "${PROJECT}" \
+	  --quiet || true
+
  if [ "${SEPARATE_EVENT_MACHINE:-false}" == "true" ]; then
 	  gcloud compute instances delete "${EVENT_STORE_NAME}" \
    	  "${GCLOUD_COMMON_ARGS[@]}" || true