From 7c790aa7f256f9d3cc513b75ad6b7032cc6df27d Mon Sep 17 00:00:00 2001 From: Roman Dobosz Date: Wed, 23 Dec 2020 13:50:05 +0100 Subject: [PATCH] Adapt selfLink calculation for KuryrNetPolicy CRD objects. Implements: blueprint selflink Change-Id: I8d83db9be3bcb49f94b77e6e961589cbb54e9da3 --- .../controller/drivers/network_policy.py | 12 ++++++------ .../controller/handlers/kuryrnetworkpolicy.py | 2 +- .../controller/handlers/test_kuryrnetworkpolicy.py | 9 +++++++-- kuryr_kubernetes/utils.py | 5 +++-- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/kuryr_kubernetes/controller/drivers/network_policy.py b/kuryr_kubernetes/controller/drivers/network_policy.py index 54a8f2d98..9bdf570c4 100644 --- a/kuryr_kubernetes/controller/drivers/network_policy.py +++ b/kuryr_kubernetes/controller/drivers/network_policy.py @@ -422,18 +422,18 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver): # NOTE(ltomasbo): add default rule to enable all ingress # traffic as NP policy is not affecting ingress LOG.debug('Applying default all open for ingress for ' - 'policy %s', policy['metadata']['selfLink']) + 'policy %s', utils.get_res_link(policy)) self._create_default_sg_rule(direction, sg_rule_body_list) elif direction == 'egress': if policy_types and 'Egress' not in policy_types: # NOTE(ltomasbo): add default rule to enable all egress # traffic as NP policy is not affecting egress LOG.debug('Applying default all open for egress for ' - 'policy %s', policy['metadata']['selfLink']) + 'policy %s', utils.get_res_link(policy)) self._create_default_sg_rule(direction, sg_rule_body_list) else: LOG.warning('Not supported policyType at network policy %s', - policy['metadata']['selfLink']) + utils.get_res_link(policy)) return policy_namespace = policy['metadata']['namespace'] @@ -445,7 +445,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver): if rule_list[0] == {}: LOG.debug('Applying default all open policy from %s', - policy['metadata']['selfLink']) + utils.get_res_link(policy)) for ethertype in (constants.IPv4, constants.IPv6): rule = driver_utils.create_security_group_rule_body( direction, ethertype=ethertype) @@ -527,7 +527,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver): '%(rule_direction)s and no ports: %(policy)s', {'direction': direction, 'rule_direction': rule_direction, - 'policy': policy['metadata']['selfLink']}) + 'policy': utils.get_res_link(policy)}) def _create_svc_egress_sg_rule(self, policy_namespace, sg_rule_body_list, resource=None, port=None, protocol=None): @@ -662,7 +662,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver): 'name': networkpolicy_name, 'namespace': namespace, 'annotations': { - 'networkPolicyLink': policy['metadata']['selfLink'], + 'networkPolicyLink': utils.get_res_link(policy) }, 'finalizers': [constants.NETWORKPOLICY_FINALIZER], }, diff --git a/kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py b/kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py index e00efea7b..ebc4eb400 100644 --- a/kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py +++ b/kuryr_kubernetes/controller/handlers/kuryrnetworkpolicy.py @@ -77,7 +77,7 @@ class KuryrNetworkPolicyHandler(k8s_base.ResourceEventHandler): 'converting KuryrNetPolicy %s. Ignoring.', utils.get_res_unique_name(new_networkpolicy), utils.get_res_unique_name(netpolicy)) - self.k8s.delete(netpolicy['metadata']['selfLink']) + self.k8s.delete(utils.get_res_link(netpolicy)) def _patch_kuryrnetworkpolicy_crd(self, knp, field, data, action='replace'): diff --git a/kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py b/kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py index 72c2ec335..e747d963c 100644 --- a/kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py +++ b/kuryr_kubernetes/tests/unit/controller/handlers/test_kuryrnetworkpolicy.py @@ -98,10 +98,15 @@ class TestPolicyHandler(test_base.TestCase): self.assertEqual(self.lbaas_driver, self.handler._drv_lbaas) def test_convert(self): + self_link = ('/apis/openstack.org/v1/namespaces/ns/' + 'kuryrnetpolicies/old-knp') self.k8s.get.return_value = {'items': [{ + 'apiVersion': 'openstack.org/v1', + 'kind': 'KuryrNetPolicy', 'metadata': { - 'selfLink': mock.sentinel.old_self_link, + 'selfLink': self_link, 'namespace': 'ns', + 'name': 'old-knp' } }]} self.np_driver.get_from_old_crd.return_value = mock.sentinel.new_crd @@ -109,4 +114,4 @@ class TestPolicyHandler(test_base.TestCase): self.handler._convert_old_crds() self.k8s.post.assert_called_once_with(mock.ANY, mock.sentinel.new_crd) - self.k8s.delete.assert_called_once_with(mock.sentinel.old_self_link) + self.k8s.delete.assert_called_once_with(self_link) diff --git a/kuryr_kubernetes/utils.py b/kuryr_kubernetes/utils.py index 7f73483f9..b4007d362 100644 --- a/kuryr_kubernetes/utils.py +++ b/kuryr_kubernetes/utils.py @@ -75,9 +75,10 @@ cache.configure_cache_region(CONF, nodes_cache_region) RESOURCE_MAP = {'Endpoints': 'endpoints', 'KuryrLoadBalancer': 'kuryrloadbalancers', - 'KuryrPort': 'kuryrports', - 'KuryrNetworkPolicy': 'kuryrnetworkpolicies', + 'KuryrNetPolicy': 'kuryrnetpolicies', 'KuryrNetwork': 'kuryrnetworks', + 'KuryrNetworkPolicy': 'kuryrnetworkpolicies', + 'KuryrPort': 'kuryrports', 'Namespace': 'namespaces', 'NetworkPolicy': 'networkpolicies', 'Node': 'nodes',