Kubernetes integration with OpenStack networking
Go to file
Luis Tomas Bolivar 1d56b5b26d Avoid octavia default sg rules collision with kuryr ones
Kuryr is adding sg rules to the loadbalancer to ensure namespace
isolation. Octavia is also adding sg rules when creating listeners.
Octavia is checking if a rule in the same protocol, direction and
port is already created before adding its own. However, if by any
chance kuryr is delayed adding its own rules (as it is already
happening in some gates), octavia will add its own first, and then
kuryr-controller will do it two. Thus having extra rules that will
break the isolation enforcement.

Closes-Bug: 1810395
(cherry picked from commit 60a1e19d49)
Change-Id: If4760625728539adb336e44ce881e04454c09d40
2019-01-22 16:34:22 +01:00
.zuul.d import zuul job settings from project-config 2018-08-22 14:23:14 -04:00
contrib Change Pod annotations format to o.vo 2018-08-01 15:30:42 +02:00
devstack Ensure namespace and network policy compatibility 2018-10-29 09:31:31 +01:00
doc Add NPWG Multi-VIF driver option in devstack 2018-08-16 15:09:09 +08:00
etc Proceed CNI output in format of version 0.3.1 2018-07-04 13:04:35 +00:00
hooks Add support to install Kuryr as a network addon 2017-09-14 13:33:53 +02:00
kubernetes_crds Add NPWG Multi-VIF driver option in devstack 2018-08-16 15:09:09 +08:00
kuryr_kubernetes Avoid octavia default sg rules collision with kuryr ones 2019-01-22 16:34:22 +01:00
playbooks Clean up legacy playbooks 2018-04-26 09:38:28 +02:00
releasenotes Deprecate running Kuryr-Kubernetes with lbaasv2 2018-07-01 09:04:31 +03:00
scripts Controller service base 2016-10-04 21:56:50 +03:00
tools Add namespace subnet driver for namespace creation 2018-05-25 08:57:42 +02:00
.coveragerc tox: fix coverage 2016-11-18 10:14:56 +03:00
.dockerignore Add support to install Kuryr as a network addon 2017-09-14 13:33:53 +02:00
.gitignore Switch to using stestr 2018-07-16 15:43:10 +00:00
.gitreview Update .gitreview for stable/rocky 2018-08-21 12:09:47 +00:00
.stestr.conf Switch to using stestr 2018-07-16 15:43:10 +00:00
.testr.conf cookiecutter commit for kuryr-kubernetes 2016-05-22 08:54:07 +03:00
CONTRIBUTING.rst Use https links for documentation 2017-06-12 23:05:25 +08:00
HACKING.rst Update doc title format 2018-03-01 14:27:13 +08:00
LICENSE cookiecutter commit for kuryr-kubernetes 2016-05-22 08:54:07 +03:00
README.rst add a link to release notes in README file 2018-06-20 21:20:53 +08:00
babel.cfg cookiecutter commit for kuryr-kubernetes 2016-05-22 08:54:07 +03:00
cni.Dockerfile Fix container image creation. 2018-06-21 13:59:22 +02:00
cni_ds_init cni_ds_init: exec into the main process 2018-09-17 07:34:48 +00:00
controller.Dockerfile Fix container image creation. 2018-06-21 13:59:22 +02:00
lower-constraints.txt Merge "Try pyroute2 0.5.1" 2018-07-17 11:37:16 +00:00
requirements.txt Try pyroute2 0.5.1 2018-07-16 17:34:16 +00:00
setup.cfg Implement NPWG multi-vif driver 2018-08-09 17:31:21 +08:00
setup.py Updated from global requirements 2017-03-15 12:44:19 +00:00
test-requirements.txt Switch to using stestr 2018-07-16 15:43:10 +00:00
tox.ini Update UPPER_CONSTRAINTS_FILE for stable/rocky 2018-08-21 12:09:50 +00:00

README.rst

Team and repository tags

image

Project description

Kubernetes integration with OpenStack networking

The OpenStack Kuryr project enables native Neutron-based networking in Kubernetes. With Kuryr-Kubernetes it's now possible to choose to run both OpenStack VMs and Kubernetes Pods on the same Neutron network if your workloads require it or to use different segments and, for example, route between them.

Contribution guidelines

For the process of new feature addition, refer to the Kuryr Policy