Uploaded image for project: 'OpenShift CFE'
  1. OpenShift CFE
  2. CFE-888

As a developer, I want to implement changes in Cluster Network Operator to enable the feature in ovn-k using a new arg

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • None
    • None
    • 5
    • False
    • None
    • False
    • OCPSTRAT-523 - [Tech Preview] Improve CoreDNS Integration with EgressFirewall
    • CFE Sprint 245, CFE Sprint 246, CFE Sprint 247, CFE Sprint 248, CFE Sprint 253

      Make the changes as per the proposed enhancement https://github.com/openshift/enhancements/pull/1335

      • To add the support of DNSNameResolver CRD in OVN-K, add the flag --enable-dns-name-resolver to the corresponding OVN-K pods.

      Note: The flag should be added to OVN-K after checking if the feature-gate DNSNameResolver is enabled.

      • Add rbac permissions for DNSNameResolver resources to ovn-kubernetes. The following permissions should be added to 002-rbac-node.yaml, 003-rbac-controller.yaml and 004-rbac-control-plane.yaml files in bindata/network/ovn-kubernetes/common/ directory
      - apiGroups: ["network.openshift.io"]
        resources:
        - dnsnameresolvers
        verbs:
        - create
        - delete
        - get
        - list
        - patch
        - update
        - watch 
      • Update the 001-crd.yaml file in bindata/network/ovn-kubernetes/common/ directory with the latest EgressFirewall CRD.

            rh-ee-ckyal Chirag Kyal
            rh-ee-arsen Arkadeep Sen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours
                3h