Skip to content

Commit

Permalink
Merge pull request #7829 from zetaab/fixport
Browse files Browse the repository at this point in the history 
fix firewalls for OpenStack
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Oct 28, 2019
2 parents ff29cab + a09a920 commit cbb14f3
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 0 deletions.
12 changes: 12 additions & 0 deletions pkg/model/openstackmodel/firewall.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,18 @@ func (b *FirewallModelBuilder) addETCDRules(c *fi.ModelBuilderContext, sgMap map
addDirectionalGroupRule(c, masterSG, masterSG, etcdRule)
addDirectionalGroupRule(c, masterSG, masterSG, etcdPeerRule)

for _, portRange := range wellknownports.ETCDPortRanges() {
etcdMgmrRule := &openstacktasks.SecurityGroupRule{
Lifecycle: b.Lifecycle,
Direction: s(string(rules.DirIngress)),
Protocol: s(string(rules.ProtocolTCP)),
EtherType: s(string(rules.EtherType4)),
PortRangeMin: i(portRange.Min),
PortRangeMax: i(portRange.Max),
}
addDirectionalGroupRule(c, masterSG, masterSG, etcdMgmrRule)
}

if b.Cluster.Spec.Networking.Romana != nil ||
b.Cluster.Spec.Networking.Calico != nil {

Expand Down
6 changes: 6 additions & 0 deletions pkg/wellknownports/wellknownports.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,3 +54,9 @@ func DNSGossipPortRanges() []PortRange {
{Min: 3998, Max: 4000},
}
}

func ETCDPortRanges() []PortRange {
return []PortRange{
{Min: 3994, Max: 3997},
}
}

0 comments on commit cbb14f3

Please sign in to comment.