def create_namespace_sg_rules(self, namespace):
ns_name = namespace['metadata']['name']
LOG.debug("Creating SG rules for namespace: %s", ns_name)
crd_selectors = []
knp_crds = driver_utils.get_kuryrnetworkpolicy_crds()
nps = driver_utils.get_networkpolicies()
pairs = driver_utils.zip_knp_np(knp_crds, nps)
for crd, policy in pairs:
crd_selector = crd['spec'].get('podSelector')
spec = policy.get('spec')
i_matched = _parse_rules('ingress', crd, spec, namespace=namespace)
e_matched = _parse_rules('egress', crd, spec, namespace=namespace)
if i_matched or e_matched:
_bump_networkpolicy(crd)
if i_matched:
crd_selectors.append(crd_selector)
return crd_selectors
def create_namespace_sg_rules(self, namespace):
ns_name = namespace['metadata']['name']
LOG.debug("Creating SG rules for namespace: %s", ns_name)
crd_selectors = []
knp_crds = driver_utils.get_kuryrnetworkpolicy_crds()
nps = driver_utils.get_networkpolicies()
pairs = driver_utils.zip_knp_np(knp_crds, nps)
for crd, policy in pairs:
crd_selector = crd['spec'].get('podSelector')
spec = policy.get('spec')
i_matched = _parse_rules('ingress', crd, spec, namespace=namespace)
e_matched = _parse_rules('egress', crd, spec, namespace=namespace)
if i_matched or e_matched:
try:
driver_utils.bump_networkpolicy(crd)
except exceptions.K8sResourceNotFound:
# The NP got deleted, ignore it.
continue
if i_matched:
crd_selectors.append(crd_selector)
return crd_selectors