Ensure no attempt to deleted sg rules owned by Octavia happens

When updating the LB security group with only the rules applied on a Network Policy we are also considering the sg rules owned by octavia, this result on failure when trying to delete the rules as this operation is not allowed. This commit ensures only the rules owned by the correct tenant are deleted. Change-Id: I06ece3fd93d1408f6023d3daf0ba152fe7dfe4e4 Closes-bug: 1869063
2020-03-25 17:51:45 +00:00 · 2020-03-25 17:51:45 +00:00 · 737e34c5ff
parent afc0b49671
commit 737e34c5ff
1 changed files with 2 additions and 1 deletions
--- a/kuryr_kubernetes/controller/drivers/lbaasv2.py
+++ b/kuryr_kubernetes/controller/drivers/lbaasv2.py
@ -266,7 +266,8 @@ class LBaaSv2Driver(base.LBaaSDriver):
                                        protocol, lb_sg, new_sgs, listener_id)
            return

-        lbaas_sg_rules = os_net.security_group_rules(security_group_id=lb_sg)
+        lbaas_sg_rules = os_net.security_group_rules(
+                security_group_id=lb_sg, project_id=loadbalancer.project_id)
        all_pod_rules = []
        add_default_rules = False