-
Feature
-
Resolution: Unresolved
-
Major
-
None
-
None
-
BU Product Work
-
False
-
-
False
-
0% To Do, 43% In Progress, 57% Done
-
0
-
Program Call
We should be able to correlate flows with network policies:
- which policy allowed that flow?
- what's the dropped flows?
- provide global stats on dropped / accepted traffic
PoC doc: https://docs.google.com/document/d/14Y3YYFxuOs3o-Lkipf-d7ZZp5gpbk6-01ZT_fTraCu8/edit
There are two possible approaches in terms of implementation:
- Add new "netpolicy flows" on top of existing flows
- Enrich existing flows with netpolicy info.
The PoC describes the former, however it is probably most interesting to aim the latter. (95% of the PoC is valid in both cases, ie. all the "low level" parts: OvS, OVN). The latter involves more work in FLP.
- is blocked by
-
NETOBSERV-729 (SPIKE) Policy correlation
- Closed
- is cloned by
-
OCPSTRAT-1635 OVN Observability with Sampling (G A )
- In Progress
- links to
(2 links to)