security group rules need to be added or removed when listeners are added or removed

Bug #1453609 reported by Brandon Logan
This bug affects 1 person
Affects: octavia
Status: Fix Released
Importance: Critical
Assigned to: Brandon Logan

Bug Description

This applies to the allowed address pairs driver, but really applies to any driver implementation.

When a listener is created, the security group created for a load balancer needs to be updated to allow TCP traffic to the port specified in the listener's protocol_port. Consequently, when a listener is removed, that security group rule should be removed as well.

This would best be solved by having a vip_update (or just update) method defined in the network driver interface. It shouldn't need to be implemented, so it wouldn't be an @abstractmethod. It would, however, always be called upon a listener create, update, and delete. I don't see a need for it being called in pool, member, or health monitor operations yet, but it should be done when it's decided it is needed.

OpenStack Infra (hudson-openstack) wrote: Fix merged to octavia (master)

Reviewed: https://review.openstack.org/182523
Committed: https://git.openstack.org/cgit/stackforge/octavia/commit/?id=913b6a8514b6c01b2acd0b11ff83c4e8b80e062e
Submitter: Jenkins
Branch: master

commit 913b6a8514b6c01b2acd0b11ff83c4e8b80e062e
Author: Brandon Logan <email address hidden>
Date: Tue May 12 20:46:42 2015 -0500

    Added update_vip method to network driver

    There needed to be a method to update the security group rules whenever
    a listener is added or removed. The update_vip method will not update those
    rules based on what listeners are present.

    Also changed the allocate_vip method to take in a load_balancer instead of
    port_id, network_id, and/or ip_address. The reason for this is some driver
    implementations may just want the vip to be the IP directly on the amphora.
    The previous signature did not allow this.

    Closes-Bug: #1453609
    Closes-Bug: #1453610

    Change-Id: Ie5765c231c6f6ba45042db9b111e6814cf50c465
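
One way to compute the rule changes that a listener create or delete implies, as an added example that is not Octavia's code. The `Rule` class, `plan_vip_rule_changes` and the sample rules are hypothetical, and the sketch assumes the driver manages only TCP ingress rules on the load balancer's security group.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    """Hypothetical stand-in for one ingress rule on the VIP security group."""
    rule_id: str
    protocol: Optional[str]
    port_min: Optional[int]
    port_max: Optional[int]


def plan_vip_rule_changes(
    listener_ports: Iterable[int], rules: Iterable[Rule]
) -> Tuple[List[int], List[str]]:
    """Return (ports_to_open, rule_ids_to_delete) so the group allows TCP to
    exactly the listeners' protocol_port values and nothing more."""
    wanted = set(listener_ports)
    covered = set()
    to_delete = []
    for rule in rules:
        if rule.protocol != "tcp":
            continue  # assumption: non-TCP rules are not managed by this code
        single = rule.port_min is not None and rule.port_min == rule.port_max
        if single and rule.port_min in wanted and rule.port_min not in covered:
            covered.add(rule.port_min)  # keep one rule per live listener port
        else:
            # Stale port, duplicate, port range, or all-ports (None) rule:
            # each exposes more than the current listeners require.
            to_delete.append(rule.rule_id)
    return sorted(wanted - covered), to_delete


# Constructed sample: listeners on 80 and 443 exist; the one on 8080 was deleted.
SAMPLE_RULES = [
    Rule("r1", "tcp", 80, 80),
    Rule("r2", "tcp", 8080, 8080),  # stale: its listener was removed
    Rule("r3", "tcp", 80, 80),      # duplicate of r1
    Rule("r4", "tcp", 1, 65535),    # range wider than any listener
    Rule("r5", "udp", 53, 53),      # not TCP, left untouched
]

if __name__ == "__main__":
    print(plan_vip_rule_changes([80, 443], SAMPLE_RULES))
```

Computing the plan from the full set of listeners on every create, update and delete, rather than adding or removing one rule per event, also cleans up rules left behind by an earlier failed operation.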

Changed in octavia:
status: New → Fix Committed
Changed in octavia:
importance: Undecided → Critical
assignee: nobody → Brandon Logan (brandon-logan)
Changed in octavia:
milestone: none → 0.5
Changed in octavia:
status: Fix Committed → Fix Released