Merge pull request #132 from ibuildthecloud/master

Add RKE2 supervisor port to security group
rancher · May 20, 2021 · 154b4ed · 154b4ed
2 parents e7992f7 + 67faee6
commit 154b4ed
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/drivers/amazonec2/amazonec2.go b/drivers/amazonec2/amazonec2.go
@@ -58,6 +58,7 @@ var (
 	kubeApiPort                          = 6443
 	httpPort                             = 80
 	httpsPort                            = 443
+	supervisorPort                       = 9345
 	nodeExporter                         = 9796
 	etcdPorts                            = []int64{2379, 2380}
 	clusterManagerPorts                  = []int64{6443, 6443}
@@ -1313,6 +1314,20 @@ func (d *Driver) configureSecurityGroupPermissions(group *ec2.SecurityGroup) ([]
 			})
 		}
 
+		// rke2 supervisor
+		if !hasPortsInbound[fmt.Sprintf("%d/tcp", supervisorPort)] {
+			inboundPerms = append(inboundPerms, &ec2.IpPermission{
+				IpProtocol: aws.String("tcp"),
+				FromPort:   aws.Int64(int64(supervisorPort)),
+				ToPort:     aws.Int64(int64(supervisorPort)),
+				UserIdGroupPairs: []*ec2.UserIdGroupPair{
+					{
+						GroupId: group.GroupId,
+					},
+				},
+			})
+		}
+
 		// etcd
 		if !hasPortsInbound[fmt.Sprintf("%d/tcp", etcdPorts[0])] {
 			inboundPerms = append(inboundPerms, &ec2.IpPermission{