From ffed8839595b5291bbf867170120096b7fde21c8 Mon Sep 17 00:00:00 2001
From: Bharat Kunwar <bharat@stackhpc.com>
Date: Fri, 7 Aug 2020 15:18:32 +0000
Subject: [PATCH] [k8s-atomic] Support master_lb_allowed_cidrs in template

In I157a3b01d169e550e79b94316803fde8ddf77b03, support for
master_lb_allowed_cidrs  was introduced but only for the fedora coreos
driver. However, this parameter is also supplied to fedora atomic
clusters but the template does not expect this parameter. As a result,
cluster creation fails due to backward incompatibility. This PS
addresses this issue.

Task: 40632
Story: 2007478

Change-Id: Ia781288f7aa35146582b10d5762aa05e3b107dce
---
 doc/source/user/index.rst                                  | 4 ++--
 .../k8s_fedora_atomic_v1/templates/kubecluster.yaml        | 7 +++++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/doc/source/user/index.rst b/doc/source/user/index.rst
index de555307e0..ba0dc96c66 100644
--- a/doc/source/user/index.rst
+++ b/doc/source/user/index.rst
@@ -1531,8 +1531,8 @@ _`master_lb_floating_ip_enabled`
 _`master_lb_allowed_cidrs`
   A CIDR list which can be used to control the access for the load balancer of
   master nodes. The input format is comma delimited list. For example,
-  192.168.0.0/16,10.0.0.0/24. Default value is "" which means opening to
-  0.0.0.0/0.
+  192.168.0.0/16,10.0.0.0/24.
+  Default: "" (which opens to 0.0.0.0/0)
 
 _`auto_healing_enabled`
   If set to true, auto healing feature will be enabled. Defaults to false.
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
index 8eedff1ea1..bcabedaf44 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
@@ -920,6 +920,11 @@ parameters:
       specific configs
     default: ""
 
+  master_lb_allowed_cidrs:
+    type: comma_delimited_list
+    description: The allowed CIDR list for master load balancer
+    default: []
+
 resources:
 
   ######################################################################
@@ -949,6 +954,7 @@ resources:
       external_network: {get_param: external_network}
       protocol: {get_param: loadbalancing_protocol}
       port: {get_param: kubernetes_port}
+      allowed_cidrs: {get_param: master_lb_allowed_cidrs}
 
   etcd_lb:
     condition: create_cluster_resources
@@ -957,6 +963,7 @@ resources:
       fixed_subnet: {get_attr: [network, fixed_subnet]}
       protocol: {get_param: loadbalancing_protocol}
       port: 2379
+      allowed_cidrs: {get_param: master_lb_allowed_cidrs}
 
   ######################################################################
   #