Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-974

SR-IOV MutiNetworkPolicy: rules do not work without the policyTypes field

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • Important
    • None
    • None
    • Rejected
    • CNF Network Sprint 235, CNF Network Sprint 237, CNF Network Sprint 238, CNF Network Sprint 239, CNF Network Sprint 240
    • 5
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      According API documentation policyTypes field is optional:
 https://docs.openshift.com/container-platform/4.11/rest_api/network_apis/networkpolicy-networking-k8s-io-v1.html#specification

If this field is not specified, it will default based on the existence of Ingress or Egress rules;
      But if policyTypes is not specified all traffic dropped despite what is stated in the rule

       

      Version-Release number of selected component (if applicable):

      4.12

      How reproducible:

      100%

      Steps to Reproduce:

      1. Configure sriov (nodepolicy + sriovnetwork)
2. Configure 2 pods
3. enable MutiNetworkPolicy
4. apply  MutiNetworkPolicy:
spec:
  podSelector:
    matchLabels:
      pod: pod1
  ingress:
  - from:
    - ipBlock:
        cidr: 192.168.0.2/32
5. send traffic between pods (192.168.0.2 => pod=pod1)

      Actual results:

      traffic dropped

      Expected results:

      traffic passed

      Additional info:

       

              apanatto@redhat.com Andrea Panattoni
              rhn-cnf-elevin Evgeny Levin
              None
              None
              Evgeny Levin Evgeny Levin
              None
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated: