Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-2176

Evaluate compliance with OpenShift Network Policies initiative

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • Evaluate compliance with OpenShift Network Policies initiative
    • None
    • 0% To Do, 0% In Progress, 100% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • None

      Network Observability needs to evaluate the need the for network policies/admin network policies in our namespaces to comply with the OpenShift initiative to have namespaces restrict ingress/egress/inter-cluster traffic in a reasonable way.  The initial goal is to have basic restriction which may be loose and then to tighten the policies based on feedback and real-world experience.

      See:  https://docs.google.com/document/d/1z9MEZAIZNpdPZV_NWVLGM1tMPFhgwW4q6BpJSgbOdJg/edit

       

      Additional notes:

      • Netobserv already has a network policy install available via NETOBSERV-1377...
      • ...but it's opt-in. We should make it "secured by default" hence opt-out.
      • Also it doesn't cover egress, which we had troubles to implement. Let's try harder.

              ocazade@redhat.com Olivier Cazade
              mifiedle@redhat.com Mike Fiedler
              None
              None
              Amogh Rameshappa Devapura Amogh Rameshappa Devapura
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: