kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15347 from justinsb/gce_icmpv6 

gce: fix icmpv6 in firewalls
This commit is contained in:
Kubernetes Prow Robot 2023-04-25 23:06:15 -07:00 committed by GitHub
parent b6fe79ab36 b835184ea4
commit 2875f70cb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkg/model/gcemodel/firewall.go
View File

@ -198,5 +198,14 @@ func (b *GCEModelContext) AddFirewallRulesTasks(c *fi.CloudupModelBuilderContext
ipv6.Disabled = true
ipv6.SourceRanges = []string{"::/0"}
}
var ipv6Allowed []string
for _, allowed := range ipv6.Allowed {
// Map icmp to icmpv6; easier than maintaining separate lists
if allowed == "icmp" {
allowed = "58" // 58 == the IANA protocol number for ICMPv6
}
ipv6Allowed = append(ipv6Allowed, allowed)
}
ipv6.Allowed = ipv6Allowed
c.AddTask(&ipv6)
}