예제 #1
0
    def on_present(self, service):
        lbaas_spec = utils.get_lbaas_spec(service)

        if self._should_ignore(service):
            LOG.debug(
                "Skipping Kubernetes service %s of an unsupported kind "
                "or without a selector as Kubernetes does not create "
                "an endpoint object for it.", service['metadata']['name'])
            return

        if self._has_lbaas_spec_changes(service, lbaas_spec):
            lbaas_spec = self._generate_lbaas_spec(service)
            utils.set_lbaas_spec(service, lbaas_spec)
예제 #2
0
    def update_lbaas_sg(self, service, sgs):
        LOG.debug('Setting SG for LBaaS VIP port')

        svc_namespace = service['metadata']['namespace']
        svc_name = service['metadata']['name']
        svc_ports = service['spec']['ports']

        lbaas_name = "%s/%s" % (svc_namespace, svc_name)
        lbaas = utils.get_lbaas_spec(service)
        if not lbaas:
            return

        lbaas.security_groups_ids = sgs
        utils.set_lbaas_spec(service, lbaas)

        for port in svc_ports:
            port_protocol = port['protocol']
            lbaas_port = port['port']
            target_port = port['targetPort']
            sg_rule_name = "%s:%s:%s" % (lbaas_name, port_protocol, lbaas_port)

            self._apply_members_security_groups(lbaas, lbaas_port,
                                                target_port, port_protocol,
                                                sg_rule_name, sgs)