Browse Source

Adapt selfLink calculation for KuryrNetPolicy CRD objects.

Implements: blueprint selflink
Change-Id: I8d83db9be3bcb49f94b77e6e961589cbb54e9da3
changes/39/768339/8
Roman Dobosz 2 months ago
parent
commit
7c790aa7f2
4 changed files with 17 additions and 11 deletions
  1. +6
    -6
      kuryr_kubernetes/controller/drivers/network_policy.py
  2. +1
    -1
      kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py
  3. +7
    -2
      kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py
  4. +3
    -2
      kuryr_kubernetes/utils.py

+ 6
- 6
kuryr_kubernetes/controller/drivers/network_policy.py View File

@ -422,18 +422,18 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
# NOTE(ltomasbo): add default rule to enable all ingress
# traffic as NP policy is not affecting ingress
LOG.debug('Applying default all open for ingress for '
'policy %s', policy['metadata']['selfLink'])
'policy %s', utils.get_res_link(policy))
self._create_default_sg_rule(direction, sg_rule_body_list)
elif direction == 'egress':
if policy_types and 'Egress' not in policy_types:
# NOTE(ltomasbo): add default rule to enable all egress
# traffic as NP policy is not affecting egress
LOG.debug('Applying default all open for egress for '
'policy %s', policy['metadata']['selfLink'])
'policy %s', utils.get_res_link(policy))
self._create_default_sg_rule(direction, sg_rule_body_list)
else:
LOG.warning('Not supported policyType at network policy %s',
policy['metadata']['selfLink'])
utils.get_res_link(policy))
return
policy_namespace = policy['metadata']['namespace']
@ -445,7 +445,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
if rule_list[0] == {}:
LOG.debug('Applying default all open policy from %s',
policy['metadata']['selfLink'])
utils.get_res_link(policy))
for ethertype in (constants.IPv4, constants.IPv6):
rule = driver_utils.create_security_group_rule_body(
direction, ethertype=ethertype)
@ -527,7 +527,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
'%(rule_direction)s and no ports: %(policy)s',
{'direction': direction,
'rule_direction': rule_direction,
'policy': policy['metadata']['selfLink']})
'policy': utils.get_res_link(policy)})
def _create_svc_egress_sg_rule(self, policy_namespace, sg_rule_body_list,
resource=None, port=None, protocol=None):
@ -662,7 +662,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
'name': networkpolicy_name,
'namespace': namespace,
'annotations': {
'networkPolicyLink': policy['metadata']['selfLink'],
'networkPolicyLink': utils.get_res_link(policy)
},
'finalizers': [constants.NETWORKPOLICY_FINALIZER],
},


+ 1
- 1
kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py View File

@ -77,7 +77,7 @@ class KuryrNetworkPolicyHandler(k8s_base.ResourceEventHandler):
'converting KuryrNetPolicy %s. Ignoring.',
utils.get_res_unique_name(new_networkpolicy),
utils.get_res_unique_name(netpolicy))
self.k8s.delete(netpolicy['metadata']['selfLink'])
self.k8s.delete(utils.get_res_link(netpolicy))
def _patch_kuryrnetworkpolicy_crd(self, knp, field, data,
action='replace'):


+ 7
- 2
kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py View File

@ -98,10 +98,15 @@ class TestPolicyHandler(test_base.TestCase):
self.assertEqual(self.lbaas_driver, self.handler._drv_lbaas)
def test_convert(self):
self_link = ('/apis/openstack.org/v1/namespaces/ns/'
'kuryrnetpolicies/old-knp')
self.k8s.get.return_value = {'items': [{
'apiVersion': 'openstack.org/v1',
'kind': 'KuryrNetPolicy',
'metadata': {
'selfLink': mock.sentinel.old_self_link,
'selfLink': self_link,
'namespace': 'ns',
'name': 'old-knp'
}
}]}
self.np_driver.get_from_old_crd.return_value = mock.sentinel.new_crd
@ -109,4 +114,4 @@ class TestPolicyHandler(test_base.TestCase):
self.handler._convert_old_crds()
self.k8s.post.assert_called_once_with(mock.ANY, mock.sentinel.new_crd)
self.k8s.delete.assert_called_once_with(mock.sentinel.old_self_link)
self.k8s.delete.assert_called_once_with(self_link)

+ 3
- 2
kuryr_kubernetes/utils.py View File

@ -75,9 +75,10 @@ cache.configure_cache_region(CONF, nodes_cache_region)
RESOURCE_MAP = {'Endpoints': 'endpoints',
'KuryrLoadBalancer': 'kuryrloadbalancers',
'KuryrPort': 'kuryrports',
'KuryrNetworkPolicy': 'kuryrnetworkpolicies',
'KuryrNetPolicy': 'kuryrnetpolicies',
'KuryrNetwork': 'kuryrnetworks',
'KuryrNetworkPolicy': 'kuryrnetworkpolicies',
'KuryrPort': 'kuryrports',
'Namespace': 'namespaces',
'NetworkPolicy': 'networkpolicies',
'Node': 'nodes',


Loading…
Cancel
Save