Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding API to have shared security groups #3595

Closed
wants to merge 1 commit into from
Closed

adding API to have shared security groups #3595

wants to merge 1 commit into from

Conversation

chrislovecnm
Copy link
Contributor

@justinsb @KashifSaadat @geojaz

Let me know what you think

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 10, 2017
@justinsb
Copy link
Member

This works for me 👍

We already have AdditionalSecurityGroups on the InstanceGroup, so we've already accepted the AWS-orientated naming.

@chrislovecnm
Copy link
Contributor Author

/retest

@chrislovecnm
Copy link
Contributor Author

@justinsb it flaked btw

@chrislovecnm
Copy link
Contributor Author

@justinsb ptal

@robinpercy
Copy link
Contributor

This exactly fits my use cases 👍

@justinsb
Copy link
Member

API LGTM here. My concern is that I'd like to see an implementation, just in case, but this LGTM!

KashifSaadat
KashifSaadat reviewed Oct 12, 2017
View reviewed changes
pkg/apis/kops/cluster.go Outdated
AdditionalSecurityGroups []string `json:"additionalSecurityGroups,omitempty"`
// SecurityGroup is the id of the shared security group to use for the InstanceGroupSpec
// This API is currently under development.
SecurityGroup *string `json:"securityGroup,omitempty"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, but I think the naming or comment could potentially be reworded so it's clearer. Maybe (if I have understood this correctly):

// SecurityGroupID is the ID of a pre-existing security group to use on the resource. This ID
// will be referenced in rules within the InstanceGroupSpec Security Groups.
// This API is currently under development.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wordsmithing would be awesome

@justinsb justinsb added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 4, 2017
@justinsb
Copy link
Member

justinsb commented Nov 4, 2017

Going to mark for hold, we can merge at the same time as the implementation

@k8s-github-robot
Copy link

@chrislovecnm PR needs rebase

@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 10, 2017
@justinsb justinsb added this to the 1.9 milestone Nov 22, 2017
@kubernetes kubernetes deleted a comment from k8s-github-robot Dec 14, 2017
@chrislovecnm chrislovecnm removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 14, 2017
@k8s-github-robot
Copy link

@chrislovecnm PR needs rebase

@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 15, 2017
@k8s-github-robot k8s-github-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 28, 2017
@chrislovecnm chrislovecnm mentioned this pull request Jan 7, 2018
Closed
@chrislovecnm chrislovecnm removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 7, 2018
@chrislovecnm
Copy link
Contributor Author

/assign @KashifSaadat

PTAL - I have some items that are not done yet #4212, but I would like to follow-up with other PRs

@chrislovecnm
Copy link
Contributor Author

Got a bug with the instance profile ... yay, but this is ready for a look

justinsb
justinsb reviewed Jan 7, 2018
View reviewed changes
pkg/apis/kops/cluster.go Outdated
IdleTimeoutSeconds *int64 `json:"idleTimeoutSeconds,omitempty"`
// AdditionalSecurityGroups attaches additional security groups (e.g. sg-123456).
AdditionalSecurityGroups []string `json:"additionalSecurityGroups,omitempty"`
// SecurityGroup is the id of the shared security group to use for the InstanceGroupSpec.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment copy-pasted from InstanceGroup?

KashifSaadat
KashifSaadat reviewed Jan 8, 2018
View reviewed changes
pkg/apis/kops/v1alpha1/cluster.go Outdated
IdleTimeoutSeconds *int64 `json:"idleTimeoutSeconds,omitempty"`
// AdditionalSecurityGroups attaches additional security groups (e.g. sg-123456).
AdditionalSecurityGroups []string `json:"additionalSecurityGroups,omitempty"`
// SecurityGroup is the id of the shared security group to use for the InstanceGroupSpec.
Copy link
Contributor

@KashifSaadat KashifSaadat Jan 8, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update comment here (same applies to main & v1alpha2), applied to the Kube API Load Balancer (ELB).

@KashifSaadat
Copy link
Contributor

One minor comment, otherwise LGTM. :)

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: chrislovecnm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 18, 2018
@chrislovecnm chrislovecnm force-pushed the shared-security-groups-api branch 3 times, most recently from b0f1510 to de9711e Compare February 26, 2018 20:53
@justinsb justinsb modified the milestones: 1.9.0, 1.10 Apr 1, 2018
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 30, 2018
@justinsb justinsb modified the milestones: 1.10, 1.11 Jul 18, 2018
@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Aug 6, 2018

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 6, 2018
@rdrgmnzs rdrgmnzs mentioned this pull request Sep 3, 2018
Merged
@justinsb
Copy link
Member

justinsb commented Oct 2, 2018

This functionality is in #5744, closing

@justinsb justinsb closed this Oct 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justinsb justinsb justinsb left review comments

@KashifSaadat KashifSaadat KashifSaadat left review comments

Assignees

@KashifSaadat KashifSaadat

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. scheduled-to-close size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
1.11
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@chrislovecnm @justinsb @robinpercy @k8s-github-robot @KashifSaadat @k8s-ci-robot @fejta-bot @rdrgmnzs @geojaz