The inboundPort settings of the first node in the group dictated the firewall configuration. Subsequent nodes added to the group had their inboundPort settings ignored.
GCE firewalls specify their "target" (VM instances) by means of tags - if a targetTag on a firewall matches the tag on an instance, the firewall's rules are allowed for the instance. This commit applies a tag for each requested inboundPort to new instances. Then, a firewall is created for each tag (if one does not already exist) which has 'allow' rules for the port. You can merge this Pull Request by running: git pull https://github.com/richardcloudsoft/jclouds-labs JCLOUDS-367 Or you can view, comment on it, or merge it online at: https://github.com/jclouds/jclouds-labs/pull/33 -- Commit Summary -- * JCLOUDS-367: GCE nodes n>1 ignoring inboundPort -- File Changes -- M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineService.java (37) M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceAdapter.java (40) M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java (3) A google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/functions/FirewallTagNamingConvention.java (64) M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/functions/InstanceInZoneToNodeMetadata.java (15) M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java (79) M google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/domain/Firewall.java (6) -- Patch Links -- https://github.com/jclouds/jclouds-labs/pull/33.patch https://github.com/jclouds/jclouds-labs/pull/33.diff
