Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-45980

Multi-NetworkPolicy IPBlock definition with pod & namespace selector

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • Important
    • No
    • None
    • None
    • CNF Network Sprint 268, CNF Network Sprint 269, CNF Network Sprint 271, CNF Network Sprint 272, CNF Network Sprint 273, CNF Network Sprint 276, CNF Network Sprint 278, CNF Network Sprint 279
    • 8
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem: As per the documentation, if IPBlock is defined, podSelector and namespaceSelector cannot be defined. So we interpret that in case if all 3 are defined IPBlock should take precedence. During testing with all 3 defined, priority is given to podSelector and namespaceSelector and IPBlock is ignored. Since this is a negative case, i am setting it to low priority.

      Version-Release number of selected component (if applicable): 4.18

      How reproducible: 100%

      Steps to Reproduce:
      1. Create a Multi-NetworkPolicy with egress/ingress rule with podSelector, namespaceSelector and IPBlock

      Actual results: podSelector and namespaceSelector is considered

      Expected results: IPBlock to be considered

      Additional info:

              apanatto@redhat.com Andrea Panattoni
              rh-ee-ajaggapa Anvesh Jaggapatruni
              None
              None
              Anvesh Jaggapatruni Anvesh Jaggapatruni
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: