Skip to content

feat: [NPM] adding windows ACL Policy reset support #1121

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 3, 2021
Merged

feat: [NPM] adding windows ACL Policy reset support #1121

merged 2 commits into from
Dec 3, 2021

Conversation

@vakalapa
Copy link
Contributor

@vakalapa vakalapa commented Nov 22, 2021
edited
Loading

Reason for Change:

Adding support to reset all existing NPM ACL policies on all endpoints in windows DP.

Issue Fixed:

Requirements:

Notes:

@vakalapa vakalapa requested review from JungukCho, huntergregory and matmerr and removed request for matmerr November 22, 2021 19:14
huntergregory
huntergregory reviewed Nov 23, 2021
View reviewed changes
npm/pkg/dataplane/dataplane_windows.go
epIDs := dp.getAllEndpointIDs()

// It is important to keep order to clean-up ACLs before ipsets. Otherwise we won't be able to delete ipsets referenced by ACLs
if err := dp.policyMgr.Reset(epIDs); err != nil {
Copy link
Contributor

@huntergregory huntergregory Nov 22, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in resetDataPlane(), only difference between linux and windows is getting the endpoint IDs. Perhaps make getAllEndpointIDs() OS specific (call dp.initializeDP() within it) and keep pMgr and iMgr resets in generic dp.Reset()

Copy link
Contributor Author

@vakalapa vakalapa Dec 1, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will also need to initializeDP first in windows to be able to get a view of the endpoints in HNS, so it would be better to keep it as is.

npm/pkg/dataplane/policies/policymanager_windows.go Outdated
// but if the bug is not solved then get all existing policies and remove relevant policies from list
// then apply remaining policies onto the endpoint
var aggregateErr error
noOfRulesToRemove := len(rulesToRemove)
Copy link
Contributor

@huntergregory huntergregory Nov 22, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: more conventional to say numOfRules?

@huntergregory huntergregory added the npm Related to NPM. label Nov 23, 2021
@vakalapa vakalapa merged commit d40a907 into master Dec 3, 2021
@vakalapa vakalapa deleted the vakr/windpreset branch December 3, 2021 00:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JungukCho JungukCho Awaiting requested review from JungukCho

@matmerr matmerr Awaiting requested review from matmerr

1 more reviewer

@huntergregory huntergregory huntergregory approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

npm Related to NPM.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vakalapa @huntergregory