Uploaded image for project: 'OpenStack as Infra'
  1. OpenStack as Infra
  2. OSASINFRA-3296

CAPO: new API for Security Groups

    XMLWordPrintable

Details

    • ShiftStack Sprint 245, ShiftStack Sprint 246, ShiftStack Sprint 247, ShiftStack Sprint 248

    Description

      Currently, CAPO is very opinionated when Security Groups are managed and over time too many rules were added without enough flexibility.

      In OpenShift, we need more than the default rules for both the control plane & security group. Also, we need to replace Terraform to create additional Security Groups that will later be used by the machines.

      We want to achieve this in CAPO.

       

      Upstream issue: https://github.com/kubernetes-sigs/cluster-api-provider-openstack/issues/1752

      Upstream KEP: https://github.com/kubernetes-sigs/cluster-api-provider-openstack/pull/1756

       

      Attachments

        Issue Links

          is blocked by

          Task - Represents a small unit of work that is not end-user facing. OSASINFRA-3349 CAPO: refactor how ports are managed

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed

          Activity

            People

              emacchi@redhat.com Emilien Macchi
              emacchi@redhat.com Emilien Macchi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: