-
Epic
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
-
None
-
admin-network-policy-fqdn
-
BU Product Work
-
False
-
None
-
False
-
Not Selected
-
To Do
-
OCPSTRAT-1575 - Implement FQDN Egress Peer in OVNK AdminNetworkPolicy
-
-
100% To Do, 0% In Progress, 0% Done
-
---
-
0
-
0
Template:
Networking Definition of Planned
Epic Template descriptions and documentation
Epic Goal
Goal here is to implement https://github.com/kubernetes-sigs/network-policy-api/pull/200 FQDN egress peer in admin network policy API for OVNKubernetes.
Why is this important?
Customers want to use admin network policies by specifying domains as peers. EgressFirewall supports this: https://issues.redhat.com/browse/NE-463 behind a feature gate today. However it will be nice to just get the same backend implementation work that was done for supporting wildcard DNS rules can be used here as well. See https://network-policy-api.sigs.k8s.io/npeps/npep-133/ for details. Besides that, moving forward we'd like to deprecate EFW and spend cycles on ANP since that is the future.
Planning Done Checklist
The following items must be completed on the Epic prior to moving the Epic from Planning to the ToDo status
Priority+ is set by engineering- Epic must be Linked to a +Parent Feature
- Target version+ must be set
- Assignee+ must be set
- (Enhancement Proposal is Implementable
- (No outstanding questions about major work breakdown
- (Are all Stakeholders known? Have they all been notified about this item?
- Does this epic affect SD? {}Have they been notified{+}? (View plan definition for current suggested assignee)
- Please use the "Discussion Needed: Service Delivery Architecture Overview" checkbox to facilitate the conversation with SD Architects. The SD architecture team monitors this checkbox which should then spur the conversation between SD and epic stakeholders. Once the conversation has occurred, uncheck the "Discussion Needed: Service Delivery Architecture Overview" checkbox and record the outcome of the discussion in the epic description here.
- The guidance here is that unless it is very clear that your epic doesn't have any managed services impact, default to use the Discussion Needed checkbox to facilitate that conversation.
Additional information on each of the above items can be found here: Networking Definition of Planned
Acceptance Criteria
- CI - MUST be running successfully with tests automated
- Release Technical Enablement - Provide necessary release enablement
details and documents.
...
Dependencies (internal and external)
- https://network-policy-api.sigs.k8s.io/npeps/npep-133/
- https://github.com/kubernetes-sigs/network-policy-api/pull/200
...
Previous Work (Optional):
Open questions::
1. ...
Done Checklist
- CI - CI is running, tests are automated and merged.
- Release Enablement <link to Feature Enablement Presentation>
- DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
- DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
- DEV - Downstream build attached to advisory: <link to errata>
- QE - Test plans in Polarion: <link or reference to Polarion>
- QE - Automated tests merged: <link or reference to automated tests>
- DOC - Downstream documentation merged: <link to meaningful PR>
- is blocked by
-
FDP-815 Add an ACL option to allow established sessions
-
- Code Review
-
- is cloned by
-
-
- New
-
-
-
- New
-
-
-
- Closed
-
- is related to
-
-
- New
-