First stab at extending the "uid" configmap to store firewall
rule information.
parent
fb8e2d7373
commit
b259c9b349
8 changed files with 217 additions and 91 deletions
|
|
@ -92,8 +92,9 @@ const (
|
|||
|
||||
// Namer handles centralized naming for the cluster.
|
||||
type Namer struct {
|
||||
clusterName string
|
||||
nameLock sync.Mutex
|
||||
clusterName string
|
||||
firewallName string
|
||||
nameLock sync.Mutex
|
||||
}
|
||||
|
||||
// NewNamer creates a new namer.
|
||||
|
|
@ -103,6 +104,14 @@ func NewNamer(clusterName string) *Namer {
|
|||
return namer
|
||||
}
|
||||
|
||||
// NewNamer creates a new namer with a Firewall Name
|
||||
func NewNamerWithFirewall(clusterName string, firewallName string) *Namer {
|
||||
namer := &Namer{}
|
||||
namer.SetClusterName(clusterName)
|
||||
namer.SetFirewallName(firewallName)
|
||||
return namer
|
||||
}
|
||||
|
||||
// NameComponents is a struct representing the components of a a GCE resource
|
||||
// name constructed by the namer. The format of such a name is:
|
||||
// k8s-resource-<metadata, eg port>--uid
|
||||
|
|
@ -123,6 +132,16 @@ func (n *Namer) SetClusterName(name string) {
|
|||
n.clusterName = name
|
||||
}
|
||||
|
||||
// SetFirewallName sets the firewall name of this cluster.
|
||||
func (n *Namer) SetFirewallName(firewall_name string) {
|
||||
n.nameLock.Lock()
|
||||
defer n.nameLock.Unlock()
|
||||
if n.firewallName != firewall_name {
|
||||
glog.Infof("Changing firewall name from %v to %v", n.firewallName, firewall_name)
|
||||
n.firewallName = firewall_name
|
||||
}
|
||||
}
|
||||
|
||||
// GetClusterName returns the UID/name of this cluster.
|
||||
func (n *Namer) GetClusterName() string {
|
||||
n.nameLock.Lock()
|
||||
|
|
@ -130,6 +149,18 @@ func (n *Namer) GetClusterName() string {
|
|||
return n.clusterName
|
||||
}
|
||||
|
||||
// GetFirewallName returns the firewall name of this cluster.
|
||||
func (n *Namer) GetFirewallName() string {
|
||||
n.nameLock.Lock()
|
||||
defer n.nameLock.Unlock()
|
||||
// Retain backwards compatible behavior where firewallName == clusterName.
|
||||
if n.firewallName == "" {
|
||||
return n.clusterName
|
||||
} else {
|
||||
return n.firewallName
|
||||
}
|
||||
}
|
||||
|
||||
// Truncate truncates the given key to a GCE length limit.
|
||||
func (n *Namer) Truncate(key string) string {
|
||||
if len(key) > nameLenLimit {
|
||||
|
|
@ -216,12 +247,12 @@ func (n *Namer) IGName() string {
|
|||
|
||||
// FrSuffix constructs the glbc specific suffix for the FirewallRule.
|
||||
func (n *Namer) FrSuffix() string {
|
||||
clusterName := n.GetClusterName()
|
||||
firewallName := n.GetFirewallName()
|
||||
// The entire cluster only needs a single firewall rule.
|
||||
if clusterName == "" {
|
||||
if firewallName == "" {
|
||||
return globalFirewallSuffix
|
||||
}
|
||||
return n.Truncate(fmt.Sprintf("%v%v%v", globalFirewallSuffix, clusterNameDelimiter, clusterName))
|
||||
return n.Truncate(fmt.Sprintf("%v%v%v", globalFirewallSuffix, clusterNameDelimiter, firewallName))
|
||||
}
|
||||
|
||||
// FrName constructs the full firewall rule name, this is the name assigned by
|
||||
|
|
|
|||