NetworkPolicy resources
#778
Conversation
|
🚲 PR staged at http://35.193.239.45 |
|
🚲 PR staged at http://35.193.239.45 |
|
🚲 PR staged at http://35.193.239.45 |
|
🚲 PR staged at http://35.193.239.45 |
|
Note from 1-on-1 with Mathieu:
|
|
🚲 PR staged at http://35.193.239.45 |
There was a problem hiding this comment.
Thanks so much for adding these samples, @mathieu-benoit!
I've made a few comments.
I'm happy to apply these changes myself later today — if you'd like. :)
I've tested everything (in my own GKE cluster) except for step 5 of network-policies.md which I've proposed we shorten (i.e., just link to Exploring Anthos Service Mesh in the Cloud Console).
We'll talk further during our 1-on-1 today.
|
🚲 PR staged at http://35.193.239.45 |
|
Thanks @NimJay for your comments, review and suggestions. I think I took into account all your points, please let me know if you see anything else. Thanks! |
|
🚲 PR staged at http://35.193.239.45 |
|
🚲 PR staged at http://35.193.239.45 |
|
🚲 PR staged at http://35.193.239.45 |
|
FYI: since we talked, I also took the initiative to prefix the files of these new resources by |
Reason: consistency across repository.
|
🚲 PR staged at http://35.193.239.45 |
1 similar comment
|
🚲 PR staged at http://35.193.239.45 |
There was a problem hiding this comment.
Thanks for addressing all my concerns!
The new changes look good.
I like the idea of prefixing the files with something like "networkpolicy_", but I've gone ahead and used dashes to be consistent with file naming conventions of this repo and other repos.
I have also made some minors adjustments to the README.md file (see commits).
Everything looks good!
I'm so happy about this additional. Thanks again, @mathieu-benoit, for all your hard work here!
Approved.
|
Hi @askmeegs, This is the pull-request that we decided (during our meeting yesterday) to revert.
However, I'm realizing that the samples from this pull-request:
So before I revert, I want to know what you think about applying these manifests to onlineboutique.dev and moving them to /.github/release-cluster. For instance, do you think it's even worth adding this to onlineboutique.dev? Note: I talked with @mathieu-benoit and we're both totally okay with deleting these samples forever, so please don't feel pressured to preserve these samples. :) CC: @bourgeoisor |
* Create network-policies.md * Create deny-all.yaml * netpol manifests * refactoring with allow-egress-to-all * docs * more docs * more granular egress netpol * update docs * Create redis.yaml * docs/network-policies/* * remove the network policy logging feature part * we don't deploy yet these resources in our own cluster * networkpolicy_* * Use dashes for NetworkPolicy file names Reason: consistency across repository. * Fix minor issues in network-policies/README.md Co-authored-by: Nim Jayawardena <nimjay@google.com>
Fine granular
NetworkPolicyresources for Online BoutiqueCouple of thoughts and discussions about these new manifests:
kubernetes-manifestsfolder, that's extra manifests for now.Not part of this PR, but future considerations:
NetworkPolicyresources CI process for each PR