def vnc_network_policy_add(self, event, namespace, name, uid):
spec = event['object']['spec']
if not spec:
self._logger.error("%s - %s:%s Spec Not Found" \
%(self._name, name, uid))
return
fw_policy_uuid = VncSecurityPolicy.create_firewall_policy(
name, namespace, spec)
VncSecurityPolicy.add_firewall_policy(fw_policy_uuid)
def create_ingress_security_policy(self):
"""
Create a FW policy to house all ingress-to-service rules.
"""
if not VncSecurityPolicy.ingress_svc_fw_policy_uuid:
VncSecurityPolicy.ingress_svc_fw_policy_uuid =\
VncSecurityPolicy.create_firewall_policy(self._k8s_event_type,
None, None, is_global=True)
VncSecurityPolicy.add_firewall_policy(
VncSecurityPolicy.ingress_svc_fw_policy_uuid)
def create_ingress_security_policy(self):
"""
Create a FW policy to house all ingress-to-service rules.
"""
if not VncSecurityPolicy.ingress_svc_fw_policy_uuid:
VncSecurityPolicy.ingress_svc_fw_policy_uuid =\
VncSecurityPolicy.create_firewall_policy(
"-".join([vnc_kube_config.cluster_name(), self._k8s_event_type]),
None, None, is_global=True)
VncSecurityPolicy.add_firewall_policy(
VncSecurityPolicy.ingress_svc_fw_policy_uuid)
def vnc_network_policy_add(self, event, namespace, name, uid):
spec = event['object']['spec']
if not spec:
self._logger.error("%s - %s:%s Spec Not Found" \
%(self._name, name, uid))
return
fw_policy_uuid = VncSecurityPolicy.create_firewall_policy(name, namespace, spec)
VncSecurityPolicy.add_firewall_policy(fw_policy_uuid)
# Update kube config db entry for the network policy.
np = NetworkPolicyKM.find_by_name_or_uuid(uid)
if np:
fw_policy_obj = self._vnc_lib.firewall_policy_read(id=fw_policy_uuid)
np.set_vnc_fq_name(":".join(fw_policy_obj.get_fq_name()))
def vnc_network_policy_add(self, event, namespace, name, uid):
spec = event['object']['spec']
if not spec:
self._logger.error("%s - %s:%s Spec Not Found" \
%(self._name, name, uid))
return
fw_policy_uuid = VncSecurityPolicy.create_firewall_policy(name, namespace,
spec, k8s_uuid=uid)
VncSecurityPolicy.add_firewall_policy(fw_policy_uuid)
# Update kube config db entry for the network policy.
np = NetworkPolicyKM.find_by_name_or_uuid(uid)
if np:
fw_policy_obj = self._vnc_lib.firewall_policy_read(id=fw_policy_uuid)
np.set_vnc_fq_name(":".join(fw_policy_obj.get_fq_name()))