[terraform][openstack] allow disabling port_security at port level #8455
Conversation
Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2 to attach floating ips. This gives us more flexibility on disabling port security when binding instances directly on provider networks in private cloud scenario.
k8s-ci-robot
added
kind/bug
k8s-ci-robot
added
the
size/L
|
Hi, I haven't currently the ability to test it. From my prospective I think that should work. The OTC supports this types of resources. One remark, I may recommend removing the tag |
|
Thanks @r0b2g1t for this info, in this case I think we can merge it as is.
I had previously introduced the ability to disable port security at the network level but this uncovered a bug when using it on a provider network so from this perspective it is both a bug fix and a feature at the same time. |
I understand, maybe you can add this sentence to the Fix paragraph of this PR description? Thank you in advance. :-) |
|
I am fine to go forward with this pull request. |
|
I updated the description but I'm somewhat confused of this request since it does not end up in the git commit message. |
|
Thanks, for adding it to the description. The advantage is that it is easier for reviewers and developers who are not so deeply involved in the topic to get started and understand the history of it. That this is a fix for a bug that was triggered by the previous PR that allows port security to be switched off was not obvious to me from the beginning. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cristicalin, floryut The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
floryut
added
release-note
|
Thanks for updating. /lgtm |
k8s-ci-robot
added
the
lgtm
…ubernetes-sigs#8455) Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2 to attach floating ips. This gives us more flexibility on disabling port security when binding instances directly on provider networks in private cloud scenario.
…ubernetes-sigs#8455) Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2 to attach floating ips. This gives us more flexibility on disabling port security when binding instances directly on provider networks in private cloud scenario.
…ubernetes-sigs#8455) Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2 to attach floating ips. This gives us more flexibility on disabling port security when binding instances directly on provider networks in private cloud scenario.
Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2
to attach floating ips. This gives us more flexibility on disabling port security
when binding instances directly on provider networks in private cloud scenario.
What type of PR is this?
/kind bug
/kind feature
What this PR does / why we need it:
This PR allows instances created with our terraform code to be bound directly on a provider network which is a current limitation/bug when needing to disable port security. This PR has the side effect of disabling a workaround for opentelekom cloud but since I'm not able to test on that cloud I'm not sure the workaround is still needed there.
I have previously introduced the ability to disable port security at the network level (#8410) but this uncovered a bug when using it on a provider network so from this perspective it is both a bug fix and a feature at the same time.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: