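--- a/manifests/cloud-provider-example.yaml
+++ b/manifests/cloud-provider-example.yaml
@@ -51,3 +51,16 @@ loadBalancer:
 # Additionally requires the user to mange rules to allow
 # inbound traffic to load balancers.
 securityListManagementMode: All
+
+# Optional specification of which security lists to modify per subnet. This does not apply if security list management is off.
+securityLists:
+ocid1.subnet.oc1.phx.aaaaaaaasa53hlkzk6nzksqfccegk2qnkxmphkblst3riclzs4rhwg7rg57q: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
+ocid1.subnet.oc1.phx.aaaaaaaahuxrgvs65iwdz7ekwgg3l5gyah7ww5klkwjcso74u3e4i64hvtvq: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
+
+# Optional rate limit controls for accessing OCI API
+rateLimiter:
+rateLimitQPSRead: 20.0
+rateLimitBucketRead: 5
+rateLimitQPSWrite: 20.0
+rateLimitBucketWrite: 5
+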
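Review bot: The two example entries under `securityLists:` pair subnet OCIDs carrying the `phx` region code with a security list OCID carrying `iad`, and both subnets point at the same list. With `securityListManagementMode: All` this mapping presumably decides which security list receives the load balancer ingress and egress rules, so an example that cannot be a valid pairing invites copy-paste mistakes that open rules on an unintended list. I would make the sample values region-consistent and visibly fake, e.g. `ocid1.subnet.oc1.phx.<subnet-placeholder>: ocid1.securitylist.oc1.phx.<securitylist-placeholder>`, and extend the comment to `# Keys are subnet OCIDs, values are the OCID of the security list to manage for that subnet.` Whether the controller checks that the named list is actually attached to the subnet is not visible on this page; if it does not, the comment should say so.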
4 changes: 2 additions & 2 deletions pkg/oci/load_balancer_security_lists.go
Expand Up @@ -72,7 +72,7 @@ type portSpec struct {
}

type securityListManager interface {
Update(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, sourceCIDRs []string, actaulPorts *portSpec, desiredPorts portSpec) error
Update(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec) error
Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, actualPorts portSpec) error
}

Expand Down Expand Up @@ -229,7 +229,7 @@ func (s *defaultSecurityListManager) Update(ctx context.Context, lbSubnets []*co
return s.updateBackendRules(ctx, lbSubnets, backendSubnets, actualPorts, desiredPorts)
}

// Delete the security list rules associated with the listener & backends.
// Delete the security list rules associated with the listener and backends.
//
// If the listener is nil, then only the egress rules from the LB's to the backends and the
// ingress rules from the LB's to the backends will be cleaned up.