Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve policy documentation #9763

Merged
merged 2 commits into from
Dec 20, 2019
Merged

Improve policy documentation #9763

merged 2 commits into from
Dec 20, 2019

Conversation

joestringer
Copy link
Member

@joestringer joestringer commented Dec 16, 2019
edited by tgraf
Loading

Fix up some misc docs discrepancies:

  • Init identity was documented in a way that implied stronger usage of it with kubernetes than its typical usage there.
  • The limitations of what traffic CIDR/DNS policy applies to previously didn't include any examples of traffic it doesn't apply to. Document this behaviour.

This change is Reviewable

@joestringer joestringer added pending-review release-note/misc This PR makes changes that have no direct user impact. labels Dec 16, 2019
@joestringer joestringer requested review from a team as code owners December 16, 2019 14:07
@joestringer
Copy link
Member Author

test-docs-please

joestringer
joestringer commented Dec 16, 2019
View reviewed changes
daemon/endpoint.go
@@ -276,6 +276,8 @@ func (d *Daemon) createEndpoint(ctx context.Context, epTemplate *models.Endpoint
}
}

// The following docs describe the cases where the init identity is used:
// http://docs.cilium.io/en/latest/policy/lifecycle/#init-identity
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I expect that this URL will work when we merge the code (tested with the #init-identity added at the end locally and compared with the heading links online). If not I can follow up to make sure it's right.

@joestringer
Copy link
Member Author

test-docs-please

@coveralls
Copy link

coveralls commented Dec 17, 2019
edited
Loading

Coverage Status

Coverage increased (+0.04%) to 45.964% when pulling 728fd7a on joestringer:submit/misc-docs-2019-12-16 into b1aae12 on cilium:master.

@joestringer
docs: Fix reference to init id with k8s
686c91f 
With the kubernetes Cilium CNI, the labels are typically fetched during
endpoint creation, so the lifecycle text here was a bit out-of-date. Fix
it up to be more clear in which cases the init identity is used, and
reference it from the relevant code.

Signed-off-by: Joe Stringer <joe@cilium.io>
@joestringer
docs: Describe cluster restriction to CIDR policy
728fd7a 
Describe the restrictions of which traffic CIDR- and DNS-based policies
apply in a bit more detail.

Signed-off-by: Joe Stringer <joe@cilium.io>
@joestringer
Copy link
Member Author

test-docs-please

@joestringer
Copy link
Member Author

Hit #9779 on travis: https://travis-ci.com/cilium/cilium/builds/141609225 . Retrying.

@joestringer joestringer merged commit 7721c8a into cilium:master Dec 20, 2019
@joestringer joestringer deleted the submit/misc-docs-2019-12-16 branch December 20, 2019 10:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aanm aanm aanm left review comments

Assignees
No one assigned
Labels
release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@joestringer @coveralls @aanm