662794bded
By default pods in Kubernetes can connect to each other. However in Qinling, each pod should be independent acting as a worker of a function or running an execution of a function. Disabling the inter-pods traffic in the namespace used by Qinling would ensure the isolation of each pod. This commit leverages the NetworkPolicy in Kubernetes[1] to isolate the pods. So a network solution which supports NetworkPolicy (for example, cailco) for Kubernetes must be used or there will be no effect. [1] https://kubernetes.io/docs/concepts/services-networking/network-policies/ Story: 2001585 Task: 6534 Change-Id: I368323410e92cc23c9a7b50e4936c7070cd57ef7 |
||
|---|---|---|
| .. | ||
| cfssl-ca-config.json | ||
| cfssl-client-csr.json | ||
| k8s_qinling_role.yaml | ||