b200d368cd
This patch adds support for Network Policy on services. It applies pods' security groups onto the services in front of them. It makes the next assumptions: - All the pods pointed by one svc have the same labels, thus the same sgs being enforced - Only copies the SG rules that have the same protocol and direction as the listener being created - Adds a default rule to NP to enable traffic from services subnet CIDR Partially Implements: blueprint k8s-network-policies Change-Id: Ibd4b51ff40b69af26ab7e7b81d18e63abddf775b |
||
---|---|---|
.zuul.d | ||
contrib | ||
devstack | ||
doc | ||
etc | ||
kubernetes_crds | ||
kuryr_kubernetes | ||
playbooks | ||
releasenotes | ||
tools | ||
.coveragerc | ||
.dockerignore | ||
.gitignore | ||
.gitreview | ||
.pre-commit-config.yaml | ||
.stestr.conf | ||
.testr.conf | ||
CONTRIBUTING.rst | ||
HACKING.rst | ||
LICENSE | ||
README.rst | ||
babel.cfg | ||
cni.Dockerfile | ||
cni_ds_init | ||
cni_py3.Dockerfile | ||
controller.Dockerfile | ||
controller_py3.Dockerfile | ||
lower-constraints.txt | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Team and repository tags
Project description
Kubernetes integration with OpenStack networking
The OpenStack Kuryr project enables native Neutron-based networking in Kubernetes. With Kuryr-Kubernetes it's now possible to choose to run both OpenStack VMs and Kubernetes Pods on the same Neutron network if your workloads require it or to use different segments and, for example, route between them.
- Free software: Apache license
- Documentation: https://docs.openstack.org/kuryr-kubernetes/latest
- Source: https://git.openstack.org/cgit/openstack/kuryr-kubernetes
- Bugs: https://bugs.launchpad.net/kuryr-kubernetes
- Overview and demo: https://superuser.openstack.org/articles/networking-kubernetes-kuryr
- Release notes: https://docs.openstack.org/releasenotes/kuryr-kubernetes/
Contribution guidelines
For the process of new feature addition, refer to the Kuryr Policy