Git Product home page Git Product logo

bells17 / common-network-policy-operator Goto Github PK

View Code? Open in Web Editor NEW
16.0 16.0 2.0 29.04 MB

Common Network Policy Operator is auto create common network policy to all namespaces.

Home Page: https://hub.docker.com/r/bells17/common-network-policy-controller/

License: MIT License

Dockerfile 0.72% Makefile 2.68% Go 96.59%
golang kubebuilder kubernetes kubernetes-controller kubernetes-crd kubernetes-operator

common-network-policy-operator's Introduction

Hi ๐Ÿ‘‹, I'm @bells17

I'm a software engineer and cloud infrastracture engineer.

I love Kubernetes and Cloud Native technologies.

pv github github twitter

kubernetes docker linux aws gcp heroku nginx mysql mongodb redis
go nodejs ruby php python scala express vuejs rails laravel yarn webpack


๐Ÿ“ซ Get in touch


bells17 github stats

common-network-policy-operator's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

eformat

common-network-policy-operator's Issues

networkpolicy objects missing

Having deployed the operator (openshift 4.2 / k8s 1.14), and injected a couple sample CommonNetworkPolicy objects, I do not see any NetworkPolicy being created.

Looking at the pod logs:

$ oc logs controller-manager-fb57584dc-s7xdv
2019/10/18 14:04:40 Registering Components.
2019/10/18 14:04:40 Starting the Cmd.
2019/10/18 14:11:29 Creating Network Policy egress-test/common-do-something
2019/10/18 14:11:30 Creating Network Policy egress-test/common-do-something
2019/10/18 14:11:31 Creating Network Policy egress-test/common-allow-from-same-namespace
2019/10/18 14:11:32 Creating Network Policy egress-test/common-do-something
2019/10/18 14:11:33 Creating Network Policy egress-test/common-allow-from-same-namespace
2019/10/18 14:11:34 Creating Network Policy egress-test/common-do-something
2019/10/18 14:11:35 Creating Network Policy egress-test/common-allow-from-same-namespace
2019/10/18 14:11:36 Creating Network Policy egress-test/common-allow-from-same-namespace

Note: I changed the operator StatefulSet into a Deployment (as I'm not sure this was meant to be running on all nodes, correct me if I'm wrong).

Here are the sample CommonNetworkPolicies I'm trying to setup (excluding all ocp default namespaces)

apiVersion: commonnetworkpolicies.bells17.io/v1alpha1
kind: CommonNetworkPolicy
metadata:
  labels:
    controller-tools.k8s.io: "1.0"
  name: do-something
spec:
  namePrefix: common
  excludeNamespaces:
  - default
  - kube-node-lease
  - kube-public
  - kube-system
  - networkpolicy-operator
  - openshift
  - openshift-apiserver
  - openshift-apiserver-operator
  - openshift-authentication
  - openshift-authentication-operator
  - openshift-cloud-credential-operator
  - openshift-cluster-machine-approver
  - openshift-cluster-node-tuning-operator
  - openshift-cluster-samples-operator
  - openshift-cluster-storage-operator
  - openshift-cluster-version
  - openshift-config
  - openshift-config-managed
  - openshift-console
  - openshift-console-operator
  - openshift-controller-manager
  - openshift-controller-manager-operator
  - openshift-dns
  - openshift-dns-operator
  - openshift-etcd
  - openshift-image-registry
  - openshift-infra
  - openshift-ingress
  - openshift-ingress-operator
  - openshift-insights
  - openshift-kni-infra
  - openshift-kube-apiserver
  - openshift-kube-apiserver-operator
  - openshift-kube-controller-manager
  - openshift-kube-controller-manager-operator
  - openshift-kube-scheduler
  - openshift-kube-scheduler-operator
  - openshift-machine-api
  - openshift-machine-config-operator
  - openshift-marketplace
  - openshift-metering
  - openshift-monitoring
  - openshift-multus
  - openshift-network-operator
  - openshift-node
  - openshift-openstack-infra
  - openshift-operator-lifecycle-manager
  - openshift-operators
  - openshift-sdn
  - openshift-service-ca
  - openshift-service-ca-operator
  - openshift-service-catalog-apiserver-operator
  - openshift-service-catalog-controller-manager-operator
  policySpec:
    podSelector: {}
    policyTypes:
    - Egress
---
apiVersion: commonnetworkpolicies.bells17.io/v1alpha1
kind: CommonNetworkPolicy
metadata:
  labels:
    controller-tools.k8s.io: "1.0"
  name: allow-from-same-namespace
spec:
  namePrefix: common
  excludeNamespaces:
  - default
  - kube-node-lease
  - kube-public
  - kube-system
  - networkpolicy-operator
  - openshift
  - openshift-apiserver
  - openshift-apiserver-operator
  - openshift-authentication
  - openshift-authentication-operator
  - openshift-cloud-credential-operator
  - openshift-cluster-machine-approver
  - openshift-cluster-node-tuning-operator
  - openshift-cluster-samples-operator
  - openshift-cluster-storage-operator
  - openshift-cluster-version
  - openshift-config
  - openshift-config-managed
  - openshift-console
  - openshift-console-operator
  - openshift-controller-manager
  - openshift-controller-manager-operator
  - openshift-dns
  - openshift-dns-operator
  - openshift-etcd
  - openshift-image-registry
  - openshift-infra
  - openshift-ingress
  - openshift-ingress-operator
  - openshift-insights
  - openshift-kni-infra
  - openshift-kube-apiserver
  - openshift-kube-apiserver-operator
  - openshift-kube-controller-manager
  - openshift-kube-controller-manager-operator
  - openshift-kube-scheduler
  - openshift-kube-scheduler-operator
  - openshift-machine-api
  - openshift-machine-config-operator
  - openshift-marketplace
  - openshift-metering
  - openshift-monitoring
  - openshift-multus
  - openshift-network-operator
  - openshift-node
  - openshift-openstack-infra
  - openshift-operator-lifecycle-manager
  - openshift-operators
  - openshift-sdn
  - openshift-service-ca
  - openshift-service-ca-operator
  - openshift-service-catalog-apiserver-operator
  - openshift-service-catalog-controller-manager-operator
  policySpec:
    podSelector: {}
    ingress:
    - from:
      - podSelector: {}

Trying to list networkpolicies, nothing shows:

$ oc get networkpolicy,egressnetworkpolicy --all-namespaces
No resources found.

Am I missing something?

Thanks,

Regards.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.