Uploaded image for project: 'OpenShift CFE'
  1. OpenShift CFE
  2. CFE-888

As a developer, I want to implement changes in Cluster Network Operator to enable the feature in ovn-k using a new arg

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • None
    • None
    • Improvement
    • 5
    • False
    • None
    • False
    • OCPSTRAT-523 - [Tech Preview] Improve CoreDNS Integration with EgressFirewall
    • CFE Sprint 245, CFE Sprint 246, CFE Sprint 247, CFE Sprint 248, CFE Sprint 253

      Make the changes as per the proposed enhancement https://github.com/openshift/enhancements/pull/1335

      • To add the support of DNSNameResolver CRD in OVN-K, add the flag --enable-dns-name-resolver to the corresponding OVN-K pods.

      Note: The flag should be added to OVN-K after checking if the feature-gate DNSNameResolver is enabled.

      • Add rbac permissions for DNSNameResolver resources to ovn-kubernetes. The following permissions should be added to 002-rbac-node.yaml, 003-rbac-controller.yaml and 004-rbac-control-plane.yaml files in bindata/network/ovn-kubernetes/common/ directory
      - apiGroups: ["network.openshift.io"]
  resources:
  - dnsnameresolvers
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
      • Update the 001-crd.yaml file in bindata/network/ovn-kubernetes/common/ directory with the latest EgressFirewall CRD.

              rh-ee-ckyal Chirag Kyal
              rh-ee-arsen Arkadeep Sen
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 3 hours
                  3h