kuryr-kubernetes

sg_mode create is not enforced without namespace handler or svc of ClusterIP

Bug #1809451 reported by Luis Tomas Bolivar
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kuryr-kubernetes
Fix Released
Undecided
Luis Tomas Bolivar

Bug Description

When services are not of ClusterIP type or namespace the handler is not enabled, the sg_mode create will not be enforced and no security group will be created for the LoadBalancer

See original description
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kuryr-kubernetes (master)

Fix proposed to branch: master
Review: https://review.openstack.org/626887

Changed in kuryr-kubernetes:
assignee: nobody → Luis Tomas Bolivar (ltomasbo)
status: New → In Progress
Antoni Segura Puimedon (celebdor)
description: updated
Antoni Segura Puimedon (celebdor)
summary: - sg_mode create is not enforce without namespace handler or svc of
+ sg_mode create is not enforced without namespace handler or svc of
ClusterIP
Antoni Segura Puimedon (celebdor)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kuryr-kubernetes (master)

Reviewed: https://review.openstack.org/626887
Committed: https://git.openstack.org/cgit/openstack/kuryr-kubernetes/commit/?id=c0e1e4589116417acfee97b6c199afdb903d8f47
Submitter: Zuul
Branch: master

commit c0e1e4589116417acfee97b6c199afdb903d8f47
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Dec 21 13:20:19 2018 +0100

    Handle loadbalancer SGs are created when sg_mode is create

    This patch set ensures the loadbalancer SG and its rules are
    properly created when the sg_mode is set to create.

    In addition, this patch makes posible to enforce network policies
    for svc when sg_mode is 'create' and the octavia driver is 'ovn'

    Partially Implements: blueprint k8s-network-policies
    Closes-Bug: 1809451
    Change-Id: I776e7d82bb0b3ffed45f084519a3c3180d5e915c

Changed in kuryr-kubernetes:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kuryr-kubernetes 0.6.1

This issue was fixed in the openstack/kuryr-kubernetes 0.6.1 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.