Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validations: Support exportTo field #3061

Closed
4 tasks done
xeviknal opened this issue Jul 31, 2020 · 2 comments
Closed
4 tasks done

Validations: Support exportTo field #3061

xeviknal opened this issue Jul 31, 2020 · 2 comments
Assignees
@hhovsepy
Labels
backlog Triaged Issue added to backlog enhancement This is the preferred way to describe new end-to-end features. epic Group issues together. An Epic is an effort that may live several sprints.
Projects
Sprint 68 (v1.46)

Comments

@xeviknal
Copy link
Member

xeviknal commented Jul 31, 2020
edited by hhovsepy

As of today, kiali validations doesn't consider the exportTo field. This field allows users to specify the scope of each config.

This feature provides a mechanism for service owners and mesh administrators to control the visibility of services across namespace boundaries.

One example:

apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
  name: external-svc-https
  namespace: bookinfo
spec:
  hosts:
  - api.dropboxapi.com
  location: MESH_EXTERNAL
  ports:
  - number: 443
    name: https
    protocol: TLS
  resolution: DNS
  exportTo:
  - '.'
  - foo
  - bar

This service entry is only available for bookinfo, foo, bar namespaces only.

Validations has to be adapted to filter those config by the exportTo field. This might trigger thoughts of cross-namespace validations.
@xeviknal xeviknal added the enhancement This is the preferred way to describe new end-to-end features. label Jul 31, 2020
@xeviknal xeviknal mentioned this issue Jul 31, 2020
Closed
@xeviknal xeviknal added area/management refinement Still being full defined before taking any action labels Aug 3, 2020
@lucasponce lucasponce added backlog Triaged Issue added to backlog and removed refinement Still being full defined before taking any action labels Feb 16, 2021
@lucasponce lucasponce mentioned this issue Feb 16, 2021
Closed
@lucasponce lucasponce added this to Backlog in Sprint 53 via automation Feb 16, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 53 Mar 5, 2021
@lucasponce lucasponce added this to Backlog in Sprint 54 via automation Mar 5, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 54 Mar 26, 2021
@lucasponce lucasponce added this to Backlog in Sprint 55 (v1.33) via automation Mar 26, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 55 (v1.33) Apr 16, 2021
@lucasponce lucasponce added this to Backlog in Sprint 56 (v1.34) via automation Apr 16, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 56 (v1.34) May 10, 2021
@lucasponce lucasponce added this to Backlog in Sprint 57 (v1.35) via automation May 10, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 57 (v1.35) May 31, 2021
@lucasponce lucasponce added this to Backlog in Sprint 58 (v1.36) via automation May 31, 2021
@lucasponce lucasponce removed this from Backlog in Sprint 58 (v1.36) Jun 18, 2021
@lucasponce lucasponce added this to Backlog in Sprint 59 (v1.37) via automation Jun 18, 2021
@xeviknal
Copy link
Member Author

xeviknal commented Jul 7, 2021

I am clarifying this issue.

The goal of this issue is to make sure that the validations are using the objects visible for that namespace. The model of visibility that the exportTo introduced made possible that objects that have visibility mesh-wide can only be visible in a very specific list of namespaces.

Using the ServiceEntry of the description. Any workload running within the bookinfo namespace can't call the api.dropboxapi.com because it is not exported.

Therefore, in the validations we shouldn't be managing entities that are not visible in that namespace.

@lucasponce lucasponce removed this from Backlog in Sprint 59 (v1.37) Jul 12, 2021
@lucasponce lucasponce added this to Backlog in Sprint 60 (v1.38) via automation Jul 12, 2021
@hhovsepy hhovsepy mentioned this issue Jul 16, 2021
Merged
@xeviknal xeviknal removed this from Backlog in Sprint 60 (v1.38) Aug 2, 2021
@xeviknal xeviknal added this to Backlog in Sprint 61 (v1.39) via automation Aug 2, 2021
@hhovsepy hhovsepy mentioned this issue Aug 17, 2021
Merged
@lucasponce lucasponce moved this from Backlog to In Progress in Sprint 61 (v1.39) Aug 19, 2021
@lucasponce lucasponce added this to Backlog in Sprint 62 (v1.40) via automation Aug 23, 2021
@lucasponce lucasponce removed this from In Progress in Sprint 61 (v1.39) Aug 23, 2021
@hhovsepy hhovsepy mentioned this issue Aug 26, 2021
Merged
@hhovsepy hhovsepy added the epic Group issues together. An Epic is an effort that may live several sprints. label Aug 31, 2021
@hhovsepy hhovsepy mentioned this issue Sep 1, 2021
Merged
@jshaughn jshaughn added this to In Progress in Sprint 63 (v1.41) Sep 10, 2021
@jshaughn jshaughn removed this from In Progress in Sprint 62 (v1.40) Sep 10, 2021
This was referenced Sep 16, 2021
Merged
Merged
Merged
@lucasponce lucasponce added this to Backlog in Sprint 64 (v1.42) via automation Oct 4, 2021
@lucasponce lucasponce moved this from Backlog to In Progress in Sprint 64 (v1.42) Oct 4, 2021
@lucasponce lucasponce removed this from In Progress in Sprint 63 (v1.41) Oct 4, 2021
@hhovsepy hhovsepy mentioned this issue Oct 19, 2021
Merged
@lucasponce lucasponce removed this from In Progress in Sprint 64 (v1.42) Oct 25, 2021
@lucasponce lucasponce added this to Backlog in Sprint 65 (v1.43) via automation Oct 25, 2021
@lucasponce lucasponce moved this from Backlog to In Progress in Sprint 65 (v1.43) Oct 25, 2021
@lucasponce lucasponce added this to Backlog in Sprint 66 (v1.44) via automation Nov 15, 2021
@lucasponce lucasponce moved this from Backlog to In Progress in Sprint 66 (v1.44) Nov 15, 2021
@lucasponce lucasponce removed this from In Progress in Sprint 65 (v1.43) Nov 15, 2021
@jshaughn jshaughn removed this from In Progress in Sprint 66 (v1.44) Dec 6, 2021
@jshaughn jshaughn added this to Backlog in Sprint 67 (v1.45) via automation Dec 6, 2021
@lucasponce lucasponce moved this from Backlog to In Progress in Sprint 67 (v1.45) Jan 14, 2022
@jshaughn jshaughn removed this from In Progress in Sprint 67 (v1.45) Jan 14, 2022
@jshaughn jshaughn added this to Backlog in Sprint 68 (v1.46) via automation Jan 14, 2022
@jshaughn jshaughn moved this from Backlog to In Progress in Sprint 68 (v1.46) Jan 14, 2022
@hhovsepy
Copy link
Contributor

All epic subtasks are done.

Sprint 68 (v1.46) automation moved this from In Progress to Done Jan 17, 2022
@jmazzitelli jmazzitelli mentioned this issue Nov 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hhovsepy hhovsepy

Labels
backlog Triaged Issue added to backlog enhancement This is the preferred way to describe new end-to-end features. epic Group issues together. An Epic is an effort that may live several sprints.
Projects
No open projects
Sprint 68 (v1.46)
  
Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hhovsepy @xeviknal @lucasponce