kuryr-kubernetes/kuryr_kubernetes/controller/handlers
Luis Tomas Bolivar b200d368cd Add Network Policy support to services
This patch adds support for Network Policy on services. It
applies pods' security groups onto the services in front of them.
It makes the next assumptions:
- All the pods pointed by one svc have the same labels, thus the same
sgs being enforced
- Only copies the SG rules that have the same protocol and direction
as the listener being created
- Adds a default rule to NP to enable traffic from services subnet CIDR

Partially Implements: blueprint k8s-network-policies
Change-Id: Ibd4b51ff40b69af26ab7e7b81d18e63abddf775b
2019-01-08 06:35:55 -05:00
..
__init__.py Controller event handling pipeline 2016-11-03 13:08:29 +00:00
ingress_lbaas.py OCP-Router: OCP-Route and Ingress LBaaS handlers 2018-06-15 14:47:48 +00:00
lbaas.py Add Network Policy support to services 2019-01-08 06:35:55 -05:00
namespace.py Ensure controller healthchecks passes without CRDs 2018-12-21 12:55:55 +00:00
pipeline.py Revert commits to use UID instead of SelfLink 2018-02-19 17:00:46 +09:00
pod_label.py Update CRD when NP has podSelectors 2019-01-02 22:14:44 +00:00
policy.py Ensure controller healthchecks passes without CRDs 2018-12-21 12:55:55 +00:00
vif.py Update CRD when NP has podSelectors 2019-01-02 22:14:44 +00:00