Kubernetes integration with OpenStack networking
Michał Dulko 643effc340 Fix NPs for OVN LBs with hairpin traffic
In case of hairpin LB traffic (member of the LB calls the LB and the
request is directed back to the same member) OVN replaces the source-ip
of the request with the LB IP. This means that pods with network
policies applied may have that traffic blocked when it should be
allowed.

To fix that, this commit makes sure that SGs used for NPs include ingress
rules for each of the Services in its namespace. It's not ideal but
seems to be a fair compromise between opening as little traffic as
possible and increasing the number of security groups and rules.

As this commit makes sure all the NPs in the namespaces are reanalyzed
every time a Service is created or deleted, a few small fixes in order to
support that are also made.

Change-Id: I7e0458c4071e4a43ab4d158429e05c67cd897a3c
Closes-Bug: 1923452
(cherry picked from commit e84a6a707e)
2021-05-06 12:19:51 +00:00
.zuul.d Merge "Adds SCTPConnectivity tests to e2e network policy tests" 2021-03-16 19:32:40 +00:00
contrib [DOCS] Testing SCTP service support 2021-01-15 11:47:25 +01:00
devstack Merge "Enable SCTP service test in tempest.conf" 2021-03-12 23:19:04 +00:00
doc Merge "Update documentation for svc and ep annotation to KuryrLoadBalancer" 2021-02-05 12:39:30 +00:00
etc Update 10-kuryr.conf to 10-kuryr.conflist, and generate the 2020-09-02 20:03:51 +02:00
kubernetes_crds Leaks of loadbalancer 2020-09-21 14:28:45 +00:00
kuryr_cni Returns CNI errors in specified form 2020-11-07 07:03:03 +00:00
kuryr_kubernetes Fix NPs for OVN LBs with hairpin traffic 2021-05-06 12:19:51 +00:00
playbooks Adds SCTPConnectivity tests to e2e network policy tests 2021-03-12 11:52:39 +01:00
releasenotes Include release notes for Service without selectors 2021-03-10 14:43:06 -03:00
tools Multiple nodes subnets support 2021-01-22 13:41:39 +01:00
.coveragerc tox: fix coverage 2016-11-18 10:14:56 +03:00
.dockerignore ignore docker files for better docker image reuse 2020-03-16 16:40:57 +03:00
.gitignore ignore Editor tags 2018-09-25 12:16:08 +02:00
.gitreview Update .gitreview for stable/wallaby 2021-03-25 14:45:52 +00:00
.pre-commit-config.yaml Add support for pre-commit-hooks 2018-09-27 13:05:43 +02:00
.stestr.conf Switch to using stestr 2018-07-16 15:43:10 +00:00
CONTRIBUTING.rst [ussuri][goal] Update contributor docs 2020-04-23 12:00:44 +02:00
HACKING.rst Fix inconsistency in headlines format. 2019-11-13 11:39:10 +01:00
LICENSE cookiecutter commit for kuryr-kubernetes 2016-05-22 08:54:07 +03:00
README.rst Change inline hyperlinks to link-target pairs. 2019-11-13 12:50:05 +01:00
babel.cfg cookiecutter commit for kuryr-kubernetes 2016-05-22 08:54:07 +03:00
cni.Dockerfile Update TOX_CONSTRAINTS_FILE for stable/wallaby 2021-03-25 16:20:11 +01:00
cni_ds_init Update 10-kuryr.conf to 10-kuryr.conflist, and generate the 2020-09-02 20:03:51 +02:00
controller.Dockerfile Update TOX_CONSTRAINTS_FILE for stable/wallaby 2021-03-25 16:20:11 +01:00
lower-constraints.txt Fix CI issues 2020-12-10 18:59:13 +01:00
requirements.txt Fix CI issues 2020-12-10 18:59:13 +01:00
setup.cfg Add OpenShiftNodesSubnets driver and MachineHandler 2021-01-22 13:41:39 +01:00
setup.py Updated from global requirements 2017-03-15 12:44:19 +00:00
test-requirements.txt Fix hacking min version to 3.0.1 2020-05-13 10:24:05 +02:00
tox.ini Update TOX_CONSTRAINTS_FILE for stable/wallaby 2021-03-25 16:20:11 +01:00

README.rst

Team and repository tags


Project description

Kubernetes integration with OpenStack networking

The OpenStack Kuryr project enables native Neutron-based networking in Kubernetes. With Kuryr-Kubernetes it's now possible to run both OpenStack VMs and Kubernetes Pods on the same Neutron network if your workloads require it, or to use different segments and, for example, route between them.

Contribution guidelines

For the process of new feature addition, refer to the Kuryr Policy.