Uploaded image for project: 'OpenShift SDN'
  1. OpenShift SDN
  2. SDN-1960

detect "pathological" NetworkPolicies

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Undefined
    • openshift-4.10
    • None
    • OpenShift SDN
    • None
    • 0
    • 0

    Description

      Customers sometimes create NetworkPolicies that result in pathologically large numbers of OVS flows, breaking the cluster. We should notice when this is happening, warn the user, and ... not break the cluster.

      (In particular, if you have a policy that podSelects N source pods and M destination pods, we need to generate N * M OVS flows.)

      eg see https://bugzilla.redhat.com/show_bug.cgi?id=1695682, https://bugzilla.redhat.com/show_bug.cgi?id=1968629

       

      Attachments

        Activity

          People

            dwinship@redhat.com Dan Winship
            dwinship@redhat.com Dan Winship
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: