From f5f8c1983f4030b2ea4d5e7c8e1cacc471eba3ea Mon Sep 17 00:00:00 2001
From: Magnus Andersson <mandersson@sunet.se>
Date: Wed, 16 Oct 2024 21:55:13 +0200
Subject: [PATCH] microk8s sg: Add udp port 51820 to allow calico wireguard
 internode CNI overlay vpn

---
 IaC-test/securitygroups.tf | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/IaC-test/securitygroups.tf b/IaC-test/securitygroups.tf
index 0cc6649..db6e925 100644
--- a/IaC-test/securitygroups.tf
+++ b/IaC-test/securitygroups.tf
@@ -176,6 +176,24 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" {
   remote_group_id   = openstack_networking_secgroup_v2.microk8s.id
   security_group_id = openstack_networking_secgroup_v2.microk8s.id
 }
+resource "openstack_networking_secgroup_rule_v2" "microk8s_rule17" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "udp"
+  port_range_min    = 51820
+  port_range_max    = 51820
+  remote_group_id   = openstack_networking_secgroup_v2.microk8s.id
+  security_group_id = openstack_networking_secgroup_v2.microk8s.id
+}
+resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" {
+  direction         = "ingress"
+  ethertype         = "IPv6"
+  protocol          = "udp"
+  port_range_min    = 51820
+  port_range_max    = 51820
+  remote_group_id   = openstack_networking_secgroup_v2.microk8s.id
+  security_group_id = openstack_networking_secgroup_v2.microk8s.id
+}
 
 resource "openstack_networking_secgroup_v2" "https" {
   name        = "https"