Goal

Productize passt as an alternative binding used for primary user-defined networks. Passt should provide us with a maintainable solution that allows seamless integration with network probes, ACS, Istio, etc.

User Stories

• As a VM user, I want to be able to SSH to my VM for management operations over KAPI, so I don't have to expose my VM's SSH port to the internet.
• As a VM user, I want to have an insight into communication between applications running in my system, so I can troubleshoot issues and spot security threats.
• As a CNV developer, I want to rely on a third-party component for binding, so I don't have to maintain my own.
• As a CNV developer, I want this component to seamlessly support (almost) anything that would work for Pods for VMs as well, so I don't have to invest in custom solution and integration testing with every tool in the OCP ecosystem.

Non-Requirements

• <List of things not included in this epic, to alleviate any doubt raised during the grooming process.>

Notes

• Make sure we exclude well known ports that should stay in the Pod netns in passt (if there are any currently handled that way with masquerade)
• UI work is tracked in CNV-52151