From d3cd897b08b41c4c1d0a6f072a8c5219c583833a Mon Sep 17 00:00:00 2001 From: Ivan Font Date: Fri, 20 Jan 2017 09:32:53 -0800 Subject: [PATCH] Add firewall rule to allow pods access to PodCIDR This fixes issue #88 to allow pods access to PodCIDR such as the case of DNS. When pods come up with an IP address in the cluster CIDR range, they cannot access kubedns without a firewall rule to enable it. This would also prevent pods from accessing each other depending on the application. --- docs/01-infrastructure-gcp.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/01-infrastructure-gcp.md b/docs/01-infrastructure-gcp.md index bfb7464..7309b35 100644 --- a/docs/01-infrastructure-gcp.md +++ b/docs/01-infrastructure-gcp.md @@ -63,6 +63,13 @@ gcloud compute firewall-rules create kubernetes-allow-internal \ --source-ranges 10.240.0.0/24 ``` +``` +gcloud compute firewall-rules create kubernetes-allow-internal-podcidr \ + --allow tcp:0-65535,udp:0-65535,icmp \ + --network kubernetes \ + --source-ranges 10.200.0.0/16 +``` + ``` gcloud compute firewall-rules create kubernetes-allow-rdp \ --allow tcp:3389 \
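Review bot: The added `kubernetes-allow-internal-podcidr` rule allows `tcp:0-65535,udp:0-65535,icmp` from `10.200.0.0/16` with no `--target-tags`, so it applies to every instance on the `kubernetes` network, while the commit message motivates it mainly with kubedns access. If the broad allow is intended so that pods can reach each other on arbitrary ports, add a sentence above the new block in `docs/01-infrastructure-gcp.md` saying so, and noting that `10.200.0.0/16` has to match the cluster CIDR used in the rest of the guide. Otherwise consider narrowing the port list or scoping the rule to the worker instances with `--target-tags`. The block is also inserted without any explanatory text, so a reader cannot tell how it differs from the `kubernetes-allow-internal` rule just above it.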