nvazquez commented on code in PR #69: URL: https://github.com/apache/cloudstack-kubernetes-provider/pull/69#discussion_r1686667880
########## cloudstack_loadbalancer.go: ##########

@@ -790,6 +852,29 @@ func (lb *loadBalancer) updateFirewallRule(publicIpId string, publicPort int, pr return true, err } +func (lb *loadBalancer) updateNetworkACL(publicPort int, protocol LoadBalancerProtocol, networkId string) (bool, error) { + network, _, err := lb.Network.GetNetworkByID(networkId) + if err != nil { + return false, fmt.Errorf("error fetching Network with ID: %v, due to: %s", networkId, err) + } + + // create ACL rule + acl := lb.NetworkACL.NewCreateNetworkACLParams(protocol.CSProtocol()) + acl.SetAclid(network.Aclid) + acl.SetAction("Allow")

Review Comment:
Can you make these values parametrized? (action, cidr, trafficType) - it looks like you currently want them for adding the default ACL allow but it can be reused later if parameters are used

########## cloudstack_loadbalancer.go: ##########

@@ -299,9 +320,29 @@ func (cs *CSCloud) EnsureLoadBalancerDeleted(ctx context.Context, clusterName st if err != nil { klog.Errorf("Error parsing port: %v", err) } else { - _, err = lb.deleteFirewallRule(lbRule.Publicipid, int(port), protocol) + networkId, err := cs.getNetworkIDFromIPAddress(lb.ipAddrID) if err != nil { - klog.Errorf("Error deleting firewall rule: %v", err) + return err + } + network, count, err := lb.Network.GetNetworkByID(networkId, cloudstack.WithProject(lb.projectID)) + if err != nil { + if count == 0 { + klog.Errorf("No network found")

Review Comment:
Minor one: can you also add the network ID in the message?
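
Review bot: In the first hunk (updateNetworkACL), lb.Network.GetNetworkByID(networkId) is called without cloudstack.WithProject(lb.projectID), while the same lookup in the EnsureLoadBalancerDeleted hunk passes it; suggest passing the project option here too so both paths look the network up in the same scope. Also, network.Aclid goes straight into acl.SetAclid with no check that it is non-empty; consider returning an error in that case before creating a rule. In the error string, %w instead of %s would keep the underlying error unwrappable.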
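
Review bot: In the second hunk (EnsureLoadBalancerDeleted), a failure of cs.getNetworkIDFromIPAddress now hits return err, where the removed code only logged the deleteFirewallRule error with klog.Errorf and carried on, so one failed lookup ends the deletion early and skips whatever cleanup follows. If that is intended, a comment saying so would help; otherwise log and continue as before. The lookup is also keyed on lb.ipAddrID where the removed call used lbRule.Publicipid; worth confirming these always refer to the same address.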