def _build_np_cache(self):
ns_uuid_set = set(NamespaceKM.keys())
ns_sg_name_set = set()
for ns_uuid in ns_uuid_set or []:
ns = NamespaceKM.get(ns_uuid)
if not ns:
continue
ns_name = ns.name
ns_sg = "-".join([vnc_kube_config.cluster_name(), ns_name, 'sg'])
ns_sg_name_set.add(ns_sg)
default_sg = "-".join(
[vnc_kube_config.cluster_name(), ns_name, 'default'])
ns_sg_name_set.add(default_sg)
self._default_ns_sgs[ns_name] = {}
sg_uuid_set = set(SecurityGroupKM.keys())
for sg_uuid in sg_uuid_set or []:
sg = SecurityGroupKM.get(sg_uuid)
if not sg or not sg.namespace:
continue
if sg.name in ns_sg_name_set:
sg_dict = {}
sg_dict[sg.name] = sg_uuid
self._default_ns_sgs[sg.namespace].update(sg_dict)
elif sg.np_pod_selector:
self._update_sg_cache(self._np_pod_label_cache,
sg.np_pod_selector, sg.uuid)
elif sg.ingress_pod_selector:
self._update_sg_cache(self._ingress_pod_label_cache,
sg.ingress_pod_selector, sg.uuid)
if sg.np_spec:
#_get_ingress_rule_list update _ingress_ns_label_cache
self._get_ingress_rule_list(sg.np_spec, sg.namespace, sg.name,
sg.uuid)
def _build_np_cache(self):
ns_uuid_set = set(NamespaceKM.keys())
ns_sg_name_set = set()
for ns_uuid in ns_uuid_set or []:
ns = NamespaceKM.get(ns_uuid)
if not ns:
continue
ns_name = ns.name
ns_sg = "-".join(
[vnc_kube_config.cluster_name(), ns_name, 'sg'])
ns_sg_name_set.add(ns_sg)
default_sg = "-".join(
[vnc_kube_config.cluster_name(), ns_name, 'default'])
ns_sg_name_set.add(default_sg)
self._default_ns_sgs[ns_name] = {}
sg_uuid_set = set(SecurityGroupKM.keys())
for sg_uuid in sg_uuid_set or []:
sg = SecurityGroupKM.get(sg_uuid)
if not sg or not sg.namespace:
continue
if sg.name in ns_sg_name_set:
sg_dict = {}
sg_dict[sg.name] = sg_uuid
self._default_ns_sgs[sg.namespace].update(sg_dict)
elif sg.np_pod_selector:
self._update_sg_cache(self._np_pod_label_cache,
sg.np_pod_selector, sg.uuid)
elif sg.ingress_pod_selector:
self._update_sg_cache(self._ingress_pod_label_cache,
sg.ingress_pod_selector, sg.uuid)
if sg.np_spec:
#_get_ingress_rule_list update _ingress_ns_label_cache
self._get_ingress_rule_list(sg.np_spec,
sg.namespace, sg.name, sg.uuid)
def _get_ns_address_list(self, np_sg_uuid, labels=None):
address_list = []
if not labels:
ns_uuid_list = NamespaceKM.keys()
labels = self._get_ns_allow_all_label()
else:
ns_uuid_set = self._find_namespaces(labels)
ns_uuid_list = list(ns_uuid_set)
for ns_uuid in ns_uuid_list or []:
address = {}
ns = NamespaceKM.get(ns_uuid)
if not ns:
continue
proj_fq_name = vnc_kube_config.cluster_project_fq_name(ns.name)
ns_sg_fq_name = proj_fq_name[:]
ns_sg = "-".join([vnc_kube_config.cluster_name(), ns.name, 'sg'])
ns_sg_fq_name.append(ns_sg)
address['security_group'] = ns_sg_fq_name
address['ns_selector'] = labels
if ns_sg in self._default_ns_sgs[ns.name]:
address['ns_sg_uuid'] = self._default_ns_sgs[ns.name][ns_sg]
address_list.append(address)
for label in labels.items():
key = self._label_cache._get_key(label)
self._label_cache._locate_label(key, self._ingress_ns_label_cache,
label, np_sg_uuid)
return address_list
def _get_ns_address_list(self, np_sg_uuid, labels=None):
address_list = []
if not labels:
ns_uuid_list = NamespaceKM.keys()
labels = self._get_ns_allow_all_label()
else:
ns_uuid_set = self._find_namespaces(labels)
ns_uuid_list = list(ns_uuid_set)
for ns_uuid in ns_uuid_list or []:
address = {}
ns = NamespaceKM.get(ns_uuid)
if not ns:
continue
proj_fq_name = vnc_kube_config.cluster_project_fq_name(ns.name)
ns_sg_fq_name = proj_fq_name[:]
ns_sg = "-".join([vnc_kube_config.cluster_name(), ns.name, 'sg'])
ns_sg_fq_name.append(ns_sg)
address['security_group'] = ns_sg_fq_name
address['ns_selector'] = labels
if ns_sg in self._default_ns_sgs[ns.name]:
address['ns_sg_uuid'] = self._default_ns_sgs[ns.name][ns_sg]
address_list.append(address)
for label in labels.items():
key = self._label_cache._get_key(label)
self._label_cache._locate_label(key,
self._ingress_ns_label_cache, label, np_sg_uuid)
return address_list
