-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
switch to egress based network policies for kubervirt provider #12329
Conversation
/test pre-kubermatic-e2e-kubevirt-centos-1.27 |
Given that this changes the way the default isolation works, should the release notes for this be marked as "action required" and give a brief heads up that you might need to migrate your custom policies to consider egress limitation? |
We have to update tests in KKP to use rook as well. |
Maybe we could add automatic removal of the old policy in this PR? |
That's another excellent point, we need migration/cleanup from old to new state. |
This should be fine already because I just alter the existing network policy. Therefore no migration needed for that. Just custom network policies needs to be taken care of but this is up to the user. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
/lgtm
LGTM label has been added. Git tree hash: abbac5c7cdb790d6b1400784b3d3f2eb61f19caa
|
/retest |
/retest Review the full test history Silence the bot with an |
1 similar comment
/retest Review the full test history Silence the bot with an |
/test pre-kubermatic-e2e-kubevirt-ubuntu-1.27 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
/lgtm
LGTM label has been added. Git tree hash: e48447013457f9080abaed8b5e49bf617d9cee94
|
/test pre-kubermatic-e2e-kubevirt-ubuntu-1.27 |
/retest |
@WeirdMachine: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
/lgtm
LGTM label has been added. Git tree hash: 4fd00b9cb33a9c3a55d042a64252a61122dbe369
|
/test pre-kubermatic-e2e-kubevirt-ubuntu-1.27 |
/unhold I had to increase the test timeout probably because the ceph storage is a little bit slower. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ahmedwaleedmalik, mfranczy, WeirdMachine The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What this PR does / why we need it:
Introduces Egress based network policies for KubeVirt.
Which issue(s) this PR fixes:
Fixes #12328
What type of PR is this?
Special notes for your reviewer:
Does this PR introduce a user-facing change? Then add your Release Note here:
Documentation: