From 5f93c703bdf22bd9fb831f6cb8cf70cf0e2f6b63 Mon Sep 17 00:00:00 2001 From: Maksim Paskal Date: Sun, 14 Apr 2024 11:27:06 +0100 Subject: [PATCH] fix hcloud types Signed-off-by: Maksim Paskal --- pkg/api/api.go | 110 +++++++++++++++++++++++++++---------------------- 1 file changed, 60 insertions(+), 50 deletions(-) diff --git a/pkg/api/api.go b/pkg/api/api.go index bffa256..99e9034 100644 --- a/pkg/api/api.go +++ b/pkg/api/api.go @@ -995,25 +995,28 @@ func (api *ApplicationAPI) CreateFirewall(ctx context.Context, createControlPlan sharedRules := []hcloud.FirewallRule{ { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, - Protocol: "tcp", - Port: hcloud.Ptr("22"), - Description: hcloud.Ptr("SSH to server"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("22"), + Description: hcloud.Ptr("SSH to server"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "udp", - Port: hcloud.Ptr("8285"), - Description: hcloud.Ptr("flannel overlay network - udp backend"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "udp", + Port: hcloud.Ptr("8285"), + Description: hcloud.Ptr("flannel overlay network - udp backend"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "udp", - Port: hcloud.Ptr("8472"), - Description: hcloud.Ptr("flannel overlay network - vxlan backend"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "udp", + Port: hcloud.Ptr("8472"), + Description: hcloud.Ptr("flannel overlay network - vxlan backend"), }, } @@ -1033,39 +1036,44 @@ func (api *ApplicationAPI) CreateFirewall(ctx context.Context, createControlPlan }, Rules: append(sharedRules, []hcloud.FirewallRule{ { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, // flannel do not start if only clusternetwork - Protocol: "tcp", - Port: hcloud.Ptr("6443"), - Description: hcloud.Ptr("Kubernetes API server"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, // flannel do not start if only clusternetwork + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("6443"), + Description: hcloud.Ptr("Kubernetes API server"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, // other master nodes can not connect if only clusternetwork - Protocol: "tcp", - Port: hcloud.Ptr("2379-2380"), - Description: hcloud.Ptr("etcd server client API"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*anyIPv4, *anyIPv6}, // other master nodes can not connect if only clusternetwork + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("2379-2380"), + Description: hcloud.Ptr("etcd server client API"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "tcp", - Port: hcloud.Ptr("10250"), - Description: hcloud.Ptr("Kubelet API"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("10250"), + Description: hcloud.Ptr("Kubelet API"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "tcp", - Port: hcloud.Ptr("10259"), - Description: hcloud.Ptr("kube-scheduler"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("10259"), + Description: hcloud.Ptr("kube-scheduler"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "tcp", - Port: hcloud.Ptr("10257"), - Description: hcloud.Ptr("kube-controller-manager"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("10257"), + Description: hcloud.Ptr("kube-controller-manager"), }, }...), } @@ -1085,18 +1093,20 @@ func (api *ApplicationAPI) CreateFirewall(ctx context.Context, createControlPlan }, Rules: append(sharedRules, []hcloud.FirewallRule{ { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "tcp", - Port: hcloud.Ptr("10250"), - Description: hcloud.Ptr("Kubelet API"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("10250"), + Description: hcloud.Ptr("Kubelet API"), }, { - Direction: hcloud.FirewallRuleDirectionIn, - SourceIPs: []net.IPNet{*clusterNetwork}, - Protocol: "tcp", - Port: hcloud.Ptr("30000-32767"), - Description: hcloud.Ptr("NodePort Services"), + Direction: hcloud.FirewallRuleDirectionIn, + SourceIPs: []net.IPNet{*clusterNetwork}, + DestinationIPs: []net.IPNet{}, + Protocol: "tcp", + Port: hcloud.Ptr("30000-32767"), + Description: hcloud.Ptr("NodePort Services"), }, }...), }