github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #201 from Random-Liu/set-iptables

Browse Source 
Configure iptables to accept all TCP/UDP/ICMP packets.
This commit is contained in:
Lantao Liu 2017-09-01 16:31:25 -07:00 committed by GitHub
commit 7923171b2e
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
hack/test-e2e-node.sh
View File

@ -33,6 +33,22 @@ if [[ -z "${GOPATH}" ]]; then
exit 1
fi
ORIGINAL_RULES=`mktemp`
sudo iptables-save > ${ORIGINAL_RULES}
# Update ip firewall
# We need to add rules to accept all TCP/UDP/ICMP packets.
if sudo iptables -L INPUT | grep "Chain INPUT (policy DROP)" > /dev/null; then
sudo iptables -A INPUT -w -p TCP -j ACCEPT
sudo iptables -A INPUT -w -p UDP -j ACCEPT
sudo iptables -A INPUT -w -p ICMP -j ACCEPT
fi
if sudo iptables -L FORWARD | grep "Chain FORWARD (policy DROP)" > /dev/null; then
sudo iptables -A FORWARD -w -p TCP -j ACCEPT
sudo iptables -A FORWARD -w -p UDP -j ACCEPT
sudo iptables -A FORWARD -w -p ICMP -j ACCEPT
fi
# Get kubernetes
KUBERNETES_REPO="https://github.com/kubernetes/kubernetes"
KUBERNETES_PATH="${GOPATH}/src/k8s.io/kubernetes"
@ -55,3 +71,6 @@ make test-e2e-node \
TEST_ARGS='--kubelet-flags=--cgroups-per-qos=true --kubelet-flags=--cgroup-root=/' # Enable the QOS tree.
kill_cri_containerd
sudo iptables-restore < ${ORIGINAL_RULES}
rm ${ORIGINAL_RULES}