From 7abcf0cba222f52139dc4cd934eb807069fd1667 Mon Sep 17 00:00:00 2001
From: Zohreh Jabbari <zjabbari@google.com>
Date: Wed, 3 Jun 2020 11:55:00 -0400
Subject: [PATCH 1/2] Add workaround for Firewall bug in ingress-gce

---
 kubernetes/README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/kubernetes/README.md b/kubernetes/README.md
index c17327bf76..cb8db45510 100644
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@@ -240,3 +240,6 @@ If the cluster has issues, there are a few things you can check:
 *   Follow a troubleshooting guide. Examples are
     [this](https://learnk8s.io/troubleshooting-deployments) and
     [this](https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/).
+*   As of now there is a known issue with Firewalls in ingress-gce. If you notice this issue showing up in 
+    ingress logs, follow the steps provided in https://github.com/kubernetes/ingress-gce/issues/584, and give 
+    Kubernetes Engine Service Agent (service account) `roles/compute.securityAdmin` and `roles/compute.networkAdmin`.

From c6cac9059aade772bd63b5767ed89841880e0729 Mon Sep 17 00:00:00 2001
From: Zohreh Jabbari <zjabbari@google.com>
Date: Wed, 3 Jun 2020 12:13:00 -0400
Subject: [PATCH 2/2] Update README.md

---
 kubernetes/README.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/kubernetes/README.md b/kubernetes/README.md
index cb8db45510..5409fd337f 100644
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@@ -240,6 +240,8 @@ If the cluster has issues, there are a few things you can check:
 *   Follow a troubleshooting guide. Examples are
     [this](https://learnk8s.io/troubleshooting-deployments) and
     [this](https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/).
-*   As of now there is a known issue with Firewalls in ingress-gce. If you notice this issue showing up in 
-    ingress logs, follow the steps provided in https://github.com/kubernetes/ingress-gce/issues/584, and give 
-    Kubernetes Engine Service Agent (service account) `roles/compute.securityAdmin` and `roles/compute.networkAdmin`.
+*   As of now there is a known issue with Firewalls in ingress-gce. References [kubernetes/ingress-gce#485](https://github.com/kubernetes/ingress-gce/issues/485) 
+    and/or  [kubernetes/ingress-gce#584](https://github.com/kubernetes/ingress-gce/issues/584)
+    1. Run kubectl describe ingress <ingress-name>
+    1. Look at the suggested commands under "Events", in the form of "Firewall change required by network admin: <gcloud command>". 
+    1. Run each of the suggested commands.