Adapt selfLink calculation for KuryrNetPolicy CRD objects.
Implements: blueprint selflink Change-Id: I8d83db9be3bcb49f94b77e6e961589cbb54e9da3
This commit is contained in:
parent
3bd82fe69f
commit
7c790aa7f2
|
@ -422,18 +422,18 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
|
||||||
# NOTE(ltomasbo): add default rule to enable all ingress
|
# NOTE(ltomasbo): add default rule to enable all ingress
|
||||||
# traffic as NP policy is not affecting ingress
|
# traffic as NP policy is not affecting ingress
|
||||||
LOG.debug('Applying default all open for ingress for '
|
LOG.debug('Applying default all open for ingress for '
|
||||||
'policy %s', policy['metadata']['selfLink'])
|
'policy %s', utils.get_res_link(policy))
|
||||||
self._create_default_sg_rule(direction, sg_rule_body_list)
|
self._create_default_sg_rule(direction, sg_rule_body_list)
|
||||||
elif direction == 'egress':
|
elif direction == 'egress':
|
||||||
if policy_types and 'Egress' not in policy_types:
|
if policy_types and 'Egress' not in policy_types:
|
||||||
# NOTE(ltomasbo): add default rule to enable all egress
|
# NOTE(ltomasbo): add default rule to enable all egress
|
||||||
# traffic as NP policy is not affecting egress
|
# traffic as NP policy is not affecting egress
|
||||||
LOG.debug('Applying default all open for egress for '
|
LOG.debug('Applying default all open for egress for '
|
||||||
'policy %s', policy['metadata']['selfLink'])
|
'policy %s', utils.get_res_link(policy))
|
||||||
self._create_default_sg_rule(direction, sg_rule_body_list)
|
self._create_default_sg_rule(direction, sg_rule_body_list)
|
||||||
else:
|
else:
|
||||||
LOG.warning('Not supported policyType at network policy %s',
|
LOG.warning('Not supported policyType at network policy %s',
|
||||||
policy['metadata']['selfLink'])
|
utils.get_res_link(policy))
|
||||||
return
|
return
|
||||||
|
|
||||||
policy_namespace = policy['metadata']['namespace']
|
policy_namespace = policy['metadata']['namespace']
|
||||||
|
@ -445,7 +445,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
|
||||||
|
|
||||||
if rule_list[0] == {}:
|
if rule_list[0] == {}:
|
||||||
LOG.debug('Applying default all open policy from %s',
|
LOG.debug('Applying default all open policy from %s',
|
||||||
policy['metadata']['selfLink'])
|
utils.get_res_link(policy))
|
||||||
for ethertype in (constants.IPv4, constants.IPv6):
|
for ethertype in (constants.IPv4, constants.IPv6):
|
||||||
rule = driver_utils.create_security_group_rule_body(
|
rule = driver_utils.create_security_group_rule_body(
|
||||||
direction, ethertype=ethertype)
|
direction, ethertype=ethertype)
|
||||||
|
@ -527,7 +527,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
|
||||||
'%(rule_direction)s and no ports: %(policy)s',
|
'%(rule_direction)s and no ports: %(policy)s',
|
||||||
{'direction': direction,
|
{'direction': direction,
|
||||||
'rule_direction': rule_direction,
|
'rule_direction': rule_direction,
|
||||||
'policy': policy['metadata']['selfLink']})
|
'policy': utils.get_res_link(policy)})
|
||||||
|
|
||||||
def _create_svc_egress_sg_rule(self, policy_namespace, sg_rule_body_list,
|
def _create_svc_egress_sg_rule(self, policy_namespace, sg_rule_body_list,
|
||||||
resource=None, port=None, protocol=None):
|
resource=None, port=None, protocol=None):
|
||||||
|
@ -662,7 +662,7 @@ class NetworkPolicyDriver(base.NetworkPolicyDriver):
|
||||||
'name': networkpolicy_name,
|
'name': networkpolicy_name,
|
||||||
'namespace': namespace,
|
'namespace': namespace,
|
||||||
'annotations': {
|
'annotations': {
|
||||||
'networkPolicyLink': policy['metadata']['selfLink'],
|
'networkPolicyLink': utils.get_res_link(policy)
|
||||||
},
|
},
|
||||||
'finalizers': [constants.NETWORKPOLICY_FINALIZER],
|
'finalizers': [constants.NETWORKPOLICY_FINALIZER],
|
||||||
},
|
},
|
||||||
|
|
|
@ -77,7 +77,7 @@ class KuryrNetworkPolicyHandler(k8s_base.ResourceEventHandler):
|
||||||
'converting KuryrNetPolicy %s. Ignoring.',
|
'converting KuryrNetPolicy %s. Ignoring.',
|
||||||
utils.get_res_unique_name(new_networkpolicy),
|
utils.get_res_unique_name(new_networkpolicy),
|
||||||
utils.get_res_unique_name(netpolicy))
|
utils.get_res_unique_name(netpolicy))
|
||||||
self.k8s.delete(netpolicy['metadata']['selfLink'])
|
self.k8s.delete(utils.get_res_link(netpolicy))
|
||||||
|
|
||||||
def _patch_kuryrnetworkpolicy_crd(self, knp, field, data,
|
def _patch_kuryrnetworkpolicy_crd(self, knp, field, data,
|
||||||
action='replace'):
|
action='replace'):
|
||||||
|
|
|
@ -98,10 +98,15 @@ class TestPolicyHandler(test_base.TestCase):
|
||||||
self.assertEqual(self.lbaas_driver, self.handler._drv_lbaas)
|
self.assertEqual(self.lbaas_driver, self.handler._drv_lbaas)
|
||||||
|
|
||||||
def test_convert(self):
|
def test_convert(self):
|
||||||
|
self_link = ('/apis/openstack.org/v1/namespaces/ns/'
|
||||||
|
'kuryrnetpolicies/old-knp')
|
||||||
self.k8s.get.return_value = {'items': [{
|
self.k8s.get.return_value = {'items': [{
|
||||||
|
'apiVersion': 'openstack.org/v1',
|
||||||
|
'kind': 'KuryrNetPolicy',
|
||||||
'metadata': {
|
'metadata': {
|
||||||
'selfLink': mock.sentinel.old_self_link,
|
'selfLink': self_link,
|
||||||
'namespace': 'ns',
|
'namespace': 'ns',
|
||||||
|
'name': 'old-knp'
|
||||||
}
|
}
|
||||||
}]}
|
}]}
|
||||||
self.np_driver.get_from_old_crd.return_value = mock.sentinel.new_crd
|
self.np_driver.get_from_old_crd.return_value = mock.sentinel.new_crd
|
||||||
|
@ -109,4 +114,4 @@ class TestPolicyHandler(test_base.TestCase):
|
||||||
self.handler._convert_old_crds()
|
self.handler._convert_old_crds()
|
||||||
|
|
||||||
self.k8s.post.assert_called_once_with(mock.ANY, mock.sentinel.new_crd)
|
self.k8s.post.assert_called_once_with(mock.ANY, mock.sentinel.new_crd)
|
||||||
self.k8s.delete.assert_called_once_with(mock.sentinel.old_self_link)
|
self.k8s.delete.assert_called_once_with(self_link)
|
||||||
|
|
|
@ -75,9 +75,10 @@ cache.configure_cache_region(CONF, nodes_cache_region)
|
||||||
|
|
||||||
RESOURCE_MAP = {'Endpoints': 'endpoints',
|
RESOURCE_MAP = {'Endpoints': 'endpoints',
|
||||||
'KuryrLoadBalancer': 'kuryrloadbalancers',
|
'KuryrLoadBalancer': 'kuryrloadbalancers',
|
||||||
'KuryrPort': 'kuryrports',
|
'KuryrNetPolicy': 'kuryrnetpolicies',
|
||||||
'KuryrNetworkPolicy': 'kuryrnetworkpolicies',
|
|
||||||
'KuryrNetwork': 'kuryrnetworks',
|
'KuryrNetwork': 'kuryrnetworks',
|
||||||
|
'KuryrNetworkPolicy': 'kuryrnetworkpolicies',
|
||||||
|
'KuryrPort': 'kuryrports',
|
||||||
'Namespace': 'namespaces',
|
'Namespace': 'namespaces',
|
||||||
'NetworkPolicy': 'networkpolicies',
|
'NetworkPolicy': 'networkpolicies',
|
||||||
'Node': 'nodes',
|
'Node': 'nodes',
|
||||||
|
|
Loading…
Reference in New Issue