-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove NetworkPolicy/SecurityPolicy Finalizer
This patch is to 1. Remove Finalizer for NetworkPolicy CR. 2. Remove Finalizer for SecurityPolicy in VPC network. 3. For T1 network work, the upgrade SecurityPolicy from V4.1.2 still has existing finalizer, however, the new created SecurityPolicy has no finalizer any longer after upgrade. After Finalizer is removed, the deletion process of NetworkPolicy/SecurityPolicy is modified 1. Add the new tag: nsx-op/network_policy_namespaced_name and tag:nsx-op/security_policy_namespaced_name for NetworkPolicy and SecurityPolicy, respectively. The tag nsx-op/XX_namespaced_name value: crNamespace/crName will be used for new indexer function in order to retrieve securitypolicy NSX store. 2. Once the K8s CR(NetworkPolicy/SecurityPolicy) is deleted, the CR will be deleted at once usually if without finalizer. So, there no deletion timestamp could be found in the CR. It's needed to handle K8s deletion even when k8s client finds that the CR not found. 3.Using crNamespace/crName to get the corresponding NSX resource and delete it. 4.If there are multiple NSX resources with the same crNamespace/crName tag value in the NSX store. It's must check the the K8s CR exist to decide which CR is deleted or the new created in the same namespace with the same name.
- Loading branch information
1 parent
5c97290
commit f4d44d7
Showing
10 changed files
with
378 additions
and
212 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.