We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parent issue: #150
Write go code to get a Deployment/DaemonSet from a cluster and create a corresponding TrafficPeer (see struct referenced below).
TrafficPeer
Our KubeCon demo (video, slides, code) used hard-coded Pods and traffic (Pod a to Pod b on port 80 and 81).
Of course, a user should be able to specify their own Pods/traffic. Ideally, a user can:
A helpful starting point is Matt's Traffic struct. Here's a snippet of this example json:
{ "Source": { "IP": "8.8.8.8" }, "Destination": { "Internal": { "PodLabels": {"pod": "a"}, "NamespaceLabels": {"ns": "y"}, "Namespace": "y" // we will also need NodeLabels for AdminNetworkPolicy's node selector }, "IP": "192.168.1.10" }, "Protocol": "TCP", "ResolvedPort": 80, "ResolvedPortName": "serve-80-tcp" }
It would be nice if a user could instead reference a Pod/Deployment/DaemonSet, and then Policy Assistant queries someone's cluster to fill in:
We could start by building go code to convert a Deployment or DaemonSet to a TrafficPeer for a user's Kubernetes cluster.
For the command in the screenshot above, should a user specify that configuration in JSON like so?
policy-assistant analyze --mode walkthrough --traffic-file traffic.json
where traffic.json is like:
traffic.json
{ "Traffic": [ { "From": "ns-dev/deployment/frontend", "To": "ns-dev/daemonset/backend", "Protocol": "TCP", "PortName": "serve-80-tcp" }, { "From": "10.0.0.5", "To": "ns-dev/daemonset/backend", "Protocol": "UDP", "Port": "81" }, ] }
The text was updated successfully, but these errors were encountered:
/assign
Sorry, something went wrong.
gabrielggg
No branches or pull requests
Parent issue: #150
TL;DR
Write go code to get a Deployment/DaemonSet from a cluster and create a corresponding
TrafficPeer
(see struct referenced below).Overview
Our KubeCon demo (video, slides, code) used hard-coded Pods and traffic (Pod a to Pod b on port 80 and 81).
Of course, a user should be able to specify their own Pods/traffic. Ideally, a user can:
Ideas
A helpful starting point is Matt's Traffic struct. Here's a snippet of this example json:
It would be nice if a user could instead reference a Pod/Deployment/DaemonSet, and then Policy Assistant queries someone's cluster to fill in:
We could start by building go code to convert a Deployment or DaemonSet to a
TrafficPeer
for a user's Kubernetes cluster.Separate Discussion: what should be the CLI Experience?
For the command in the screenshot above, should a user specify that configuration in JSON like so?
where
traffic.json
is like:The text was updated successfully, but these errors were encountered: