openstack
/
kuryr-kubernetes
Code Issues Proposed changes
kuryr-kubernetes/kuryr_kubernetes
History
Luis Tomas Bolivar 1d56b5b26d Avoid octavia default sg rules collision with kuryr ones 
Kuryr is adding sg rules to the loadbalancer to ensure namespace
isolation. Octavia is also adding sg rules when creating listeners.
Octavia is checking if a rule in the same protocol, direction and
port is already created before adding its own. However, if by any
chance kuryr is delayed adding its own rules (as it is already
happening in some gates), octavia will add its own first, and then
kuryr-controller will do it two. Thus having extra rules that will
break the isolation enforcement.

Closes-Bug: 1810395
(cherry picked from commit 60a1e19d49)
Change-Id: If4760625728539adb336e44ce881e04454c09d40
 		2019-01-22 16:34:22 +01:00
..
cmd CNI split - introducing CNI daemon 2017-11-21 08:50:04 +01:00
cni Lowercase hostname when using it as K8s nodeName 2018-12-03 14:19:56 +00:00
controller Avoid octavia default sg rules collision with kuryr ones 2019-01-22 16:34:22 +01:00
handlers Merge "Log the exception-info when an error raises in hanlder" 2018-05-16 10:13:14 +00:00
objects Change Pod annotations format to o.vo 2018-08-01 15:30:42 +02:00
platform OCP-Router: Fix path route to support subpath 2018-07-23 18:06:36 +03:00
tests Ensure sg rules associated to listeners are deleted 2019-01-21 08:14:25 +00:00
__init__.py Implement Guru meditation reports 2017-04-13 03:19:08 +00:00
clients.py Use K8s API LB IP instead of HOST_IP in DevStack 2018-07-17 10:40:02 +02:00
config.py Add namespace isolation for services 2018-08-06 19:33:55 +02:00
constants.py Implement NPWG multi-vif driver 2018-08-09 17:31:21 +08:00
exceptions.py Implement NPWG multi-vif driver 2018-08-09 17:31:21 +08:00
k8s_client.py Namespace deletion functionality for namespace_subnet driver 2018-06-07 13:13:57 +00:00
linux_net_utils.py Remove log translations 2017-03-28 15:13:49 +08:00
opts.py Get subnet_caching_opts from utils 2018-08-16 08:07:59 -04:00
os_vif_plug_noop.py Add MACVLAN based interfaces for nested containers 2017-06-12 13:14:12 +01:00
os_vif_util.py fix typos 2018-06-21 18:43:08 +08:00
utils.py Work out situation with KUBERNETES_NODE_NAME 2018-11-29 11:33:46 +00:00
version.py Implement Guru meditation reports 2017-04-13 03:19:08 +00:00
watcher.py Clean up watch resources after watcher.stop() 2018-09-24 06:59:09 +00:00