Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libvirt_manager extra nets - firewall zone #2492

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

libvirt_manager extra nets - firewall zone #2492

wants to merge 1 commit into from
+44 −2

Conversation

hjensas
Copy link
Contributor

@hjensas hjensas commented Oct 25, 2024
edited
Loading

Add support in the libvirt_manager role to overload the nmstate config passed in cifmw_libvirt_manager_extra_network_configuration with a firewall zone hint using key name cifmw_firewall_zone for an interface in the nmstate interfaces section.

Example:

  cifmw_libvirt_manager_extra_network_configuration:
    interfaces:
      - name: vlan10
        cifmw_firewall_zone: libvirt
        type: vlan 
        ...

The key is filtered before passing the data to the ci_nmstate role.

When defined a task following the task calling ci_nmstate will run the appropriate firewall-cmd to change the zone for the interfaces.

Jira: OSPRH-10966

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Oct 25, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign rebtoor for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@github-actions GitHub Actions
Copy link

Thanks for the PR! ❤️
I'm marking it as a draft, once your happy with it merging and the PR is passing CI, click the "Ready for review" button below.

@github-actions github-actions bot marked this pull request as draft October 25, 2024 16:19
@hjensas hjensas force-pushed the libvirt_manager/extend_add_firwall_zone_extra_net_conf branch 4 times, most recently from 45ab321 to 16c0a1a Compare October 25, 2024 18:09
@softwarefactory-project-zuul softwarefactory-project-zuul
Copy link

Build failed (check pipeline). Post recheck (without leading slash)
to rerun all jobs. Make sure the failure cause has been resolved before
you rerun jobs.

https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/499f66d255764eb2921bbbe4c2a482e5

✔️ openstack-k8s-operators-content-provider SUCCESS in 1h 36m 50s
✔️ podified-multinode-edpm-deployment-crc SUCCESS in 1h 18m 06s
✔️ cifmw-crc-podified-edpm-baremetal SUCCESS in 1h 24m 36s
✔️ noop SUCCESS in 0s
✔️ cifmw-pod-ansible-test SUCCESS in 7m 54s
✔️ cifmw-pod-pre-commit SUCCESS in 7m 22s
✔️ build-push-container-cifmw-client SUCCESS in 36m 47s
cifmw-molecule-libvirt_manager FAILURE in 33m 45s
✔️ cifmw-molecule-reproducer SUCCESS in 16m 53s

@hjensas hjensas force-pushed the libvirt_manager/extend_add_firwall_zone_extra_net_conf branch 3 times, most recently from b0512ab to 87c2347 Compare October 25, 2024 21:05
@hjensas
libvirt_manager extra nets - firewall zone
43c2893 
Add support in the libvirt_manager role to overload the nmstate
config passed in cifmw_libvirt_manager_extra_network_configuration
with a firewall zone hint using key name `cifmw_firewall_zone` for
an interface in the nmstate `interfaces` section.

Example:
  cifmw_libvirt_manager_extra_network_configuration:
    interfaces:
      - name: vlan10
        cifmw_firewall_zone: libvirt
        type: vlan
        ...

The key is filtered before passing the data to the ci_nmstate role.

When defined a task following the task calling ci_nmstate will run the
appropriate firewall-cmd to change the zone for the interfaces.

Jira: OSPRH-10966
@hjensas hjensas force-pushed the libvirt_manager/extend_add_firwall_zone_extra_net_conf branch from 87c2347 to 43c2893 Compare October 25, 2024 21:12
@hjensas hjensas marked this pull request as ready for review October 25, 2024 21:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Ready For Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hjensas