Update scripts to add PodCIDR firewall rule for dns

scripts/bootstrap-controllers.sh

@@ -2,7 +2,7 @@
 set -x
 
 if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
-    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION environment variables"
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 

scripts/bootstrap-etcd.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/bash
 set -x
 
-if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} ]]; then
-    echo "Must set NUM_CONTROLLERS and NUM_WORKERS environment variables"
+if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 

scripts/bootstrap-workers.sh

@@ -4,7 +4,7 @@ set -x
 DOCKER_VERSION=1.12.5
 
 if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
-    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION environment variables"
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 

scripts/cleanup.sh

@@ -32,8 +32,8 @@ gcloud -q compute firewall-rules delete \
   kubernetes-allow-healthz \
   kubernetes-allow-icmp \
   kubernetes-allow-internal \
+  kubernetes-allow-internal-podcidr \
   kubernetes-allow-rdp \
-  kubernetes-nginx-service \
   kubernetes-allow-ssh \
   kubernetes-nginx-service
 

scripts/create-routes.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/bash
 set -x
 
-if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} ]]; then
-    echo "Must set NUM_CONTROLLERS and NUM_WORKERS environment variables"
+if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 

scripts/kube-up.sh

@@ -2,7 +2,12 @@
 set -x
 
 if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
-    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION environment variables"
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
+    exit 1
+fi
+
+if [[ ! ${KUBERNETES_VERSION} =~ ^v[0-9].[0-9].[0-9]$ ]]; then
+    echo "KUBERNETES_VERSION must be in form 'vX.Y.Z'"
     exit 1
 fi
 

scripts/setup-ca.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/bash
 set -x
 
-if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} ]]; then
-    echo "Must set NUM_CONTROLLERS and NUM_WORKERS environment variables"
+if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 
@@ -114,4 +114,5 @@ done
 
 for host in ${kube_hosts}; do
   gcloud compute copy-files ca.pem kubernetes-key.pem kubernetes.pem ${host}:~/
+  sleep 2
 done

scripts/start-infra-gcp.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/bash
 set -x
 
-if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} ]]; then
-    echo "Must set NUM_CONTROLLERS and NUM_WORKERS env vars"
+if [[ -z ${NUM_CONTROLLERS} || -z ${NUM_WORKERS} || -z ${KUBERNETES_VERSION} ]]; then
+    echo "Must set NUM_CONTROLLERS, NUM_WORKERS and KUBERNETES_VERSION (e.g. 'vX.Y.Z') environment variables"
     exit 1
 fi
 
@@ -25,6 +25,11 @@ gcloud compute firewall-rules create kubernetes-allow-internal \
   --network kubernetes \
   --source-ranges 10.240.0.0/24
 
+gcloud compute firewall-rules create kubernetes-allow-internal-podcidr \
+    --allow tcp:0-65535,udp:0-65535,icmp \
+    --network kubernetes \
+    --source-ranges 10.200.0.0/16
+
 gcloud compute firewall-rules create kubernetes-allow-rdp \
   --allow tcp:3389 \
   --network kubernetes \