Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Follow on for #5744 #5862

Merged
merged 8 commits into from
Oct 3, 2018
Merged

Follow on for #5744 #5862

merged 8 commits into from
Oct 3, 2018

Conversation

justinsb
Copy link
Member

@justinsb justinsb commented Oct 2, 2018

Address some cases where users mix security groups in a role, or mix
override & default security groups.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 2, 2018
@justinsb
Still materialize terraform output in tests
076742f 
If we skip it, we can't test it.  We do expect that most users will
use a lifecycle that only warns though.
@justinsb
Build security groups along with suffixes
bfb5493 
Fixes the case where we mix use of specified & default SGs.
@justinsb
Test case where we mix override & default SGs
1f2a804
@justinsb
We need to create the cross-product of rules for SG overrides
1906bcd 
e.g. each master SGs need to be configured to talk to each master SG
@justinsb
Use JoinSuffixes for node->master traffic, also fix AmazonVPC rule
1e2a629 
This ensures we are consistently naming our rules
@justinsb
Support override security groups with bastion
9a66534
@justinsb
Simplify building of security groups
81cadec 
Also add comments about why we don't set e.g. RemoveExtraRules
@justinsb justinsb mentioned this pull request Oct 2, 2018
Merged
@justinsb
Copy link
Member Author

justinsb commented Oct 2, 2018

cc @rdrgmnzs

@justinsb justinsb mentioned this pull request Oct 2, 2018
Merged
@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Oct 2, 2018

/test pull-kops-e2e-kubernetes-aws

@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Oct 2, 2018

Thanks for the cleanup @justinsb

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 2, 2018
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justinsb, rdrgmnzs

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@rdrgmnzs
Copy link
Contributor

rdrgmnzs commented Oct 2, 2018

/test pull-kops-e2e-kubernetes-aws

@k8s-ci-robot k8s-ci-robot merged commit 3fe0287 into kubernetes:master Oct 3, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisz100 chrisz100 Awaiting requested review from chrisz100

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@rdrgmnzs rdrgmnzs

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@justinsb @rdrgmnzs @k8s-ci-robot