kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15955 from justinsb/gce_network_tags_work_with_ipv6 

gce ipv6: we can use network tags with ipv6 addresses
This commit is contained in:
Kubernetes Prow Robot 2023-09-23 12:52:55 -07:00 committed by GitHub
parent c30f1827ae 4557f9b655
commit d82d574dbe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/model/gcemodel/firewall.go
View File

@ -156,6 +156,9 @@ func (b *FirewallModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
}
if b.NetworkingIsIPAlias() || b.NetworkingIsGCERoutes() {
if b.IsIPv6Only() {
// We can use tags for IPv6, and this is covered by prior rules
} else {
// When using IP alias or custom routes, SourceTags for identifying traffic don't work, and we must recognize by CIDR
if b.Cluster.Spec.Networking.PodCIDR == "" {
@ -174,6 +177,7 @@ func (b *FirewallModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
Allowed: allProtocols,
})
}
}
return nil
}