yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #87549
[Bug 1949230] [NEW] OVN Octavia provider driver should implement allowed_cidrs to enforce security groups on LB ports
Public bug reported:
Octavia can use OVN as a provider driver using it's driver framework.
The OVN Octavia provider driver, part of ML2/OVN, does not implement all
of the functionality of the Octavia API [1]. One feature that should be
supported is allowed_cidrs.
The Octavia allowed_cidrs functionality allows Octavia to manage and
communicate the CIDR blocks allowed to address an Octavia load balancer.
Implementing this in the OVN provider driver would allow load balancers
to be only accessible from specific CIDR blocks, a requirement for
customer security ina number of scenarios.
[1] https://docs.openstack.org/octavia/latest/user/feature-
classification/index.html#listener-api-features
** Affects: neutron
Importance: Undecided
Status: New
** Tags: ovn ovn-octavia-provider
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1949230
Title:
OVN Octavia provider driver should implement allowed_cidrs to enforce
security groups on LB ports
Status in neutron:
New
Bug description:
Octavia can use OVN as a provider driver using it's driver framework.
The OVN Octavia provider driver, part of ML2/OVN, does not implement
all of the functionality of the Octavia API [1]. One feature that
should be supported is allowed_cidrs.
The Octavia allowed_cidrs functionality allows Octavia to manage and
communicate the CIDR blocks allowed to address an Octavia load
balancer. Implementing this in the OVN provider driver would allow
load balancers to be only accessible from specific CIDR blocks, a
requirement for customer security ina number of scenarios.
[1] https://docs.openstack.org/octavia/latest/user/feature-
classification/index.html#listener-api-features
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1949230/+subscriptions
Follow ups