update nsg rule

hack/e2e/aks-addon.sh

@@ -54,13 +54,13 @@ fi
 
 TMPDIR=""
 
-cleanup() {
- az group delete --name "$RESOURCE_GROUP" --yes --no-wait || true
- if [ -n "$TMPDIR" ]; then
-     rm -rf "$TMPDIR"
- fi
-}
-trap 'cleanup' EXIT
+# cleanup() {
+#  az group delete --name "$RESOURCE_GROUP" --yes --no-wait || true
+#  if [ -n "$TMPDIR" ]; then
+#      rm -rf "$TMPDIR"
+#  fi
+# }
+# trap 'cleanup' EXIT
 
 
 check_aci_registered() {
@@ -114,57 +114,57 @@ az network vnet subnet create \
     --address-prefix $ACI_SUBNET_CIDR \
     --network-security-group $NSG_NAME 
 
-az network nsg rule create \
-    --resource-group $RESOURCE_GROUP \
-    --nsg-name $NSG_NAME \
-    --name AllowClusterSubnetTraffic \
-    --priority 1000 \
-    --direction Inbound \
-    --access Allow \
-    --protocol '*' \
-    --source-address-prefix $CLUSTER_SUBNET_CIDR \
-    --source-port-range '*' \
-    --destination-address-prefix $CLUSTER_SUBNET_CIDR \
-    --destination-port-range '*'
-
-az network nsg rule create \
-    --resource-group $RESOURCE_GROUP \
-    --nsg-name $NSG_NAME \
-    --name AllowClusterSubnetOutbound \
-    --priority 1100 \
-    --direction Outbound \
-    --access Allow \
-    --protocol '*' \
-    --source-address-prefix $CLUSTER_SUBNET_CIDR \
-    --source-port-range '*' \
-    --destination-address-prefix '*' \
-    --destination-port-range '*'
-
-az network nsg rule create \
-    --resource-group $RESOURCE_GROUP \
-    --nsg-name $NSG_NAME \
-    --name AllowACISubnetTraffic \
-    --priority 1100 \
-    --direction Inbound \
-    --access Allow \
-    --protocol '*' \
-    --source-address-prefix $ACI_SUBNET_CIDR \
-    --source-port-range '*' \
-    --destination-address-prefix $ACI_SUBNET_CIDR \
-    --destination-port-range '*'
+# az network nsg rule create \
+#     --resource-group $RESOURCE_GROUP \
+#     --nsg-name $NSG_NAME \
+#     --name AllowClusterSubnetTraffic \
+#     --priority 1000 \
+#     --direction Inbound \
+#     --access Allow \
+#     --protocol '*' \
+#     --source-address-prefix $CLUSTER_SUBNET_CIDR \
+#     --source-port-range '*' \
+#     --destination-address-prefix $CLUSTER_SUBNET_CIDR \
+#     --destination-port-range '*'
+
+# az network nsg rule create \
+#     --resource-group $RESOURCE_GROUP \
+#     --nsg-name $NSG_NAME \
+#     --name AllowClusterSubnetOutbound \
+#     --priority 1100 \
+#     --direction Outbound \
+#     --access Allow \
+#     --protocol '*' \
+#     --source-address-prefix $CLUSTER_SUBNET_CIDR \
+#     --source-port-range '*' \
+#     --destination-address-prefix '*' \
+#     --destination-port-range '*'
+
+# az network nsg rule create \
+#     --resource-group $RESOURCE_GROUP \
+#     --nsg-name $NSG_NAME \
+#     --name AllowACISubnetTraffic \
+#     --priority 1100 \
+#     --direction Inbound \
+#     --access Allow \
+#     --protocol '*' \
+#     --source-address-prefix $ACI_SUBNET_CIDR \
+#     --source-port-range '*' \
+#     --destination-address-prefix $ACI_SUBNET_CIDR \
+#     --destination-port-range '*'
 
-az network nsg rule create \
-    --resource-group $RESOURCE_GROUP \
-    --nsg-name $NSG_NAME \
-    --name AllowACISubnetOutbound \
-    --priority 1300 \
-    --direction Outbound \
-    --access Allow \
-    --protocol '*' \
-    --source-address-prefix $ACI_SUBNET_CIDR \
-    --source-port-range '*' \
-    --destination-address-prefix '*' \
-    --destination-port-range '*'
+# az network nsg rule create \
+#     --resource-group $RESOURCE_GROUP \
+#     --nsg-name $NSG_NAME \
+#     --name AllowACISubnetOutbound \
+#     --priority 1300 \
+#     --direction Outbound \
+#     --access Allow \
+#     --protocol '*' \
+#     --source-address-prefix $ACI_SUBNET_CIDR \
+#     --source-port-range '*' \
+#     --destination-address-prefix '*' \
+#     --destination-port-range '*'
 
 cluster_subnet_id="$(az network vnet subnet show \
     --resource-group $RESOURCE_GROUP \