cloud-provider-openstack icon indicating copy to clipboard operation
cloud-provider-openstack copied to clipboard

Published 20 hours ago verified publisher icon kubernetes

Remove SGs from non-existent nodes ports on Update

Open EmilienM opened this issue 1 year ago • 1 comments

Current code assumes that if a Node has been removed from the list on UpdateLoadBalancer(), we don't care about it's security group. We could update applyNodeSecurityGroupIDForLB() to also lookup ports that have the SG tag and detach the SG from the ports that aren't belonging to the ports of the current list of Nodes.

https://github.com/kubernetes/cloud-provider-openstack/blob/04bd8e1343d630a0db3e9093dd71f59e477ee7ad/pkg/openstack/loadbalancer_sg.go#L72-L99

EmilienM avatar Oct 21 '24 15:10 EmilienM