b200d368cd
This patch adds support for Network Policy on services. It applies pods' security groups onto the services in front of them. It makes the next assumptions: - All the pods pointed by one svc have the same labels, thus the same sgs being enforced - Only copies the SG rules that have the same protocol and direction as the listener being created - Adds a default rule to NP to enable traffic from services subnet CIDR Partially Implements: blueprint k8s-network-policies Change-Id: Ibd4b51ff40b69af26ab7e7b81d18e63abddf775b |
||
---|---|---|
.. | ||
__init__.py | ||
ingress_lbaas.py | ||
lbaas.py | ||
namespace.py | ||
pipeline.py | ||
pod_label.py | ||
policy.py | ||
vif.py |