[occm][WIP] Add SG to node ensure the different node's pods can acces…

…s each other
kubernetes · Dec 6, 2023 · f9ab6ef · f9ab6ef
1 parent 92f5fe3
commit f9ab6ef
Show file tree

Hide file tree

Showing 3 changed files with 294 additions and 67 deletions.
diff --git a/pkg/openstack/loadbalancer.go b/pkg/openstack/loadbalancer.go
@@ -431,15 +431,6 @@ func getSecurityGroupName(service *corev1.Service) string {
 	return securityGroupName
 }
 
-func getSecurityGroupRules(client *gophercloud.ServiceClient, opts rules.ListOpts) ([]rules.SecGroupRule, error) {
-	mc := metrics.NewMetricContext("security_group_rule", "list")
-	page, err := rules.List(client, opts).AllPages()
-	if mc.ObserveRequest(err) != nil {
-		return nil, err
-	}
-	return rules.ExtractRules(page)
-}
-
 func getListenerProtocol(protocol corev1.Protocol, svcConf *serviceConfig) listeners.Protocol {
 	// Make neutron-lbaas code work
 	if svcConf != nil {
@@ -2338,7 +2329,7 @@ func (lbaas *LbaasV2) ensureAndUpdateOctaviaSecurityGroup(clusterName string, ap
 		cidrs = svcConf.allowedCIDR
 	}
 
-	existingRules, err := getSecurityGroupRules(lbaas.network, rules.ListOpts{SecGroupID: lbSecGroupID})
+	existingRules, err := openstackutil.GetSecurityGroupRules(lbaas.network, rules.ListOpts{SecGroupID: lbSecGroupID})
 	if err != nil {
 		return fmt.Errorf(
 			"failed to find security group rules in %s: %v", lbSecGroupID, err)