b200d368cd
This patch adds support for Network Policy on services. It applies pods' security groups onto the services in front of them. It makes the next assumptions: - All the pods pointed by one svc have the same labels, thus the same sgs being enforced - Only copies the SG rules that have the same protocol and direction as the listener being created - Adds a default rule to NP to enable traffic from services subnet CIDR Partially Implements: blueprint k8s-network-policies Change-Id: Ibd4b51ff40b69af26ab7e7b81d18e63abddf775b |
||
---|---|---|
.. | ||
drivers | ||
handlers | ||
ingress | ||
managers | ||
__init__.py | ||
service.py |