Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
We recently came across an issue wherein you can implement the NetworkPolicy interface and pass all tests even though certain polices for pods on single nodes arent actually applied.
I'm filing this as a broader testing improvement initiative to make the bar for CNI's higher and more predictable in terms of how network policys are applied and how they work.
What you expected to happen:
The E2E testing suite for NetworkPolicy's would catch situations where multiple pods run on the same host, and confirm that those pods all have the exact same truth table for connectivity.
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?: