Update security-group documentation

[abhishek-pandey-1]

…hub.com/kubeovn/kube-ovn/pull/6330

Co-authored-by: Copilot (copilot@github.com)

• Make sure you have followed the Document Convention

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the security group documentation to reflect recent feature enhancements in Kube-OVN. It introduces detailed explanations and examples for tiered security groups, allowing for hierarchical ACL evaluation, and granular filtering based on local addresses and source ports. The changes aim to provide users with up-to-date information on advanced security group configurations and their proper usage.

Highlights

• Tiered Security Groups Documentation: Added comprehensive documentation for the new 'Tiered Security Groups' feature, including the tier field and the policy: pass action, along with a detailed example.
• Local Address and Source Port Filtering Documentation: Introduced documentation for enhanced security group rules supporting localAddress and sourcePortRangeMin/sourcePortRangeMax for more granular filtering, complete with an example.
• Security Group Priority Range Update: Updated the documentation to reflect the expanded priority value range for security groups from 1-200 to 1-16384.
• New Caution for Tiered Security Groups: Added a caution note clarifying that the policy: pass action is only valid in tier 0 and will result in a validation error if used in tier 1.

Changelog

• docs/vpc/security-group.en.md
  • Added a new section 'Tiered Security Groups' with explanations for the tier field and policy: pass action, including a YAML example.
  • Added a new section 'Local Address and Source Port Filtering' with details on localAddress and sourcePortRangeMin/sourcePortRangeMax fields, including a YAML example.
  • Updated the documented priority range from 1-200 to 1-16384.
  • Added a new caution regarding the usage of policy: pass only in tier 0.
• docs/vpc/security-group.md
  • Added a new section '分层安全组' (Tiered Security Groups) with explanations for the tier field and policy: pass action, including a YAML example.
  • Added a new section '本地地址和源端口过滤' (Local Address and Source Port Filtering) with details on localAddress and sourcePortRangeMin/sourcePortRangeMax fields, including a YAML example.
  • Updated the documented priority range from 1-200 to 1-16384.
  • Added a new caution regarding the usage of policy: pass only in tier 0.

Activity

• No specific activity (comments, reviews) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates the security group documentation to include new features: Tiered Security Groups and Local Address/Source Port Filtering. The documentation for both English and Chinese versions is updated. The changes are generally clear and well-structured. I have a couple of suggestions to improve clarity regarding the priority mapping and the default behavior of tiered security groups.