Commit Graph

94 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
0c6470115e
Merge pull request #86578 from tnqn/except-validation
Validate Except of IPBlock for NetworkPolicy spec
2020-02-08 14:45:53 -08:00
Quan Tian
ea693833c8 Validate Except of IPBlock for NetworkPolicy spec
This patch enhances the validation of Except field that the values will
be rejected if they are not strictly within the CIDR range.
2020-02-05 01:35:44 +08:00
wojtekt
1fc80c57ee Autogenerated 2020-02-04 16:06:36 +01:00
Antonio Ojea
31e59fd5e3
Add ipv6 examples for network policy API
Add IPv6 examples to the network policy API
2019-12-27 22:47:20 +01:00
Kubernetes Prow Robot
5cb1ec5fea
Merge pull request #86298 from aojea/netpolicyv6
networkPolicy ipv6 unit tests validation
2019-12-18 10:37:57 -08:00
Antonio Ojea
f401d711aa
networkPolicy validation ipv6 unit tests
Add ipv6 cases to the validation unit tests.
2019-12-16 08:46:53 +01:00
Quan Tian
d07dd4bbed Fix NetworkPolicy PolicyTypes validation
The validation had an excess nested loop and also caused wrong
error feedback that all policyTypes input will be reported as
unsupported if any of them is wrong.
2019-11-29 16:02:38 +08:00
misakazhou
f0323a2030 Fix broken link to api-conventions doc.
Signed-off-by: misakazhou <misakazhou@tencent.com>
2019-08-29 08:35:16 +08:00
Johannes M. Scheuermann
94ce517212 Fix typo in network policy ingress rule 2019-06-26 19:27:09 +02:00
Chao Xu
369314959c generated 2019-05-24 18:14:53 -07:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
Christopher M. Luciano
b785f95130
organize sig-net-api-{reviewers,approvers} in OWNERS_ALIASES
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
2019-05-06 12:04:04 -04:00
Kubernetes Prow Robot
a2afe45366
Merge pull request #76991 from yue9944882/chore/cleanup-hub-genclient-tags
Clean up genclient tags for hub types
2019-04-30 14:11:12 -07:00
SataQiu
73ec7ad2d6 fix golint failures of pkg/apis/networking 2019-04-24 18:08:18 +08:00
yue9944882
71a58de48b clean up genclient tags for hub types 2019-04-24 16:53:21 +08:00
Jordan Liggitt
f139218ac0 generated files 2019-02-20 23:32:46 -05:00
Jordan Liggitt
8c28d3f63c Add networking.k8s.io/v1beta1 Ingress 2019-02-20 16:41:14 -05:00
Jordan Liggitt
6c0b1b87f0 generated files 2019-02-20 16:41:14 -05:00
Jordan Liggitt
47cb9559be Move internal Ingress type from extensions to networking 2019-02-20 16:41:12 -05:00
Kubernetes Prow Robot
7a5ea30b3d
Merge pull request #73961 from mattjmcnaughton/mattjmcnaughton/clarify-NetworkPolicy-policyTypes-in-docs
Clarify NetworkPolicy policyTypes in docs
2019-02-18 20:16:25 -08:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable
Remove executable file permission from OWNERS files
2019-02-14 23:55:45 -08:00
mattjmcnaughton
41f05222e1 Clarify NetworkPolicy policyTypes in docs
Update the NetWorkPolicy `policyTypes` definition in the spec documentation so its
clear there are only three options: "Ingress", "Egress", and
"Ingress,Egress".
2019-02-14 09:28:50 -05:00
Kubernetes Prow Robot
5b7a790d35
Merge pull request #72185 from dcbw/owners-label-sig-network
OWNERS: add label:sig/network to a bunch of places
2019-02-08 10:36:16 -08:00
Kubernetes Prow Robot
b50c643be0
Merge pull request #73540 from rlenferink/patch-5
Updated OWNERS files to include link to docs
2019-02-08 09:05:56 -08:00
Jordan Liggitt
34ac165a44 Move conditional validation for SCTPSupport to validation functions with knowledge of old objects 2019-02-05 23:09:31 -05:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Justin SB
dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Dan Williams
2e339188ed OWNERS: add label:sig/network to a bunch of places 2018-12-19 00:00:02 -06:00
Jingyi Hu
61117761cd *: Remove comment tags in GoDoc
Adding blank line between comment tag and package name in doc.go. So
that the comment tags such as '+k8s:deepcopy-gen=package' do not show up
in GoDoc.
2018-09-13 20:27:32 -07:00
Laszlo Janosi
ebc16c31af bazel definition updated for pkg/apis/networking/validation/ 2018-08-27 05:59:50 +00:00
Laszlo Janosi
cbe94df8c6 gofmt update 2018-08-27 05:59:50 +00:00
Laszlo Janosi
e466bdc67e Changes according to the approved KEP. SCTP is supported for HostPort and LoadBalancer. Alpha feature flag SCTPSupport controls the support of SCTP. Kube-proxy config parameter is removed. 2018-08-27 05:58:36 +00:00
Laszlo Janosi
a6da2b1472 K8s SCTP support implementation for the first pull request
The requested Service Protocol is checked against the supported protocols of GCE Internal LB. The supported protocols are TCP and UDP.

SCTP is not supported by OpenStack LBaaS. If SCTP is requested in a Service with type=LoadBalancer, the request is rejected. Comment style is also corrected.

SCTP is not allowed for LoadBalancer Service and for HostPort. Kube-proxy can be configured not to start listening on the host port for SCTP: see the new SCTPUserSpaceNode parameter

changed the vendor github.com/nokia/sctp to github.com/ishidawataru/sctp. I.e. from now on we use the upstream version.

netexec.go compilation fixed. Various test cases fixed

SCTP related conformance tests removed. Netexec's pod definition and Dockerfile are updated to expose the new SCTP port(8082)

SCTP related e2e test cases are removed as the e2e test systems do not support SCTP

sctp related firewall config is removed from cluster/gce/util.sh. Variable name sctp_addr is corrected to sctpAddr in pkg/proxy/ipvs/proxier.go

cluster/gce/util.sh is copied from master
2018-08-27 05:56:27 +00:00
Di Xu
3157ff0230 use NameIsDNSSubdomain validation from staging 2018-08-14 10:38:23 +08:00
Clayton Coleman
ef561ba8b5
generated: Avoid use of reflect.Call in conversion code paths 2018-07-17 23:02:16 -04:00
Dr. Stefan Schimanski
f8de7cea40 Update generated files 2018-06-29 20:36:17 +02:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Jeff Grafton
a725660640 Update to gazelle 0.12.0 and run hack/update-bazel.sh 2018-06-22 16:22:18 -07:00
Dr. Stefan Schimanski
1208437f84 Update generated files 2018-06-13 12:35:13 +02:00
David Eads
c5445d3c56 simplify api registration 2018-05-08 18:33:50 -04:00
David Eads
7b4f97aca3 generated 2018-05-08 18:32:44 -04:00
David Eads
e7fbbe0e3c eliminate indirection from type registration 2018-04-25 09:02:31 -04:00
Kubernetes Submit Queue
0b062e1518
Merge pull request #60452 from danwinship/networkpolicy-pod-plus-ns
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Allow including both podSelector and namespaceSelector in a NetworkPolicyPeer

Updates NetworkPolicy API docs and validation to allow podSelector and namespaceSelector to be specified together in a NetworkPolicyPeer

Fixes #58637

**Release note**:
```release-note
NetworkPolicies can now target specific pods in other namespaces by including both a namespaceSelector and a podSelector in the same peer element.
```
2018-03-24 13:34:27 -07:00
fisherxu
b49ef6531c regenerated all files and remove all YEAR fields 2018-03-08 17:52:48 +08:00
jennybuckley
c8dacd8e63 Run hack/update-all.sh 2018-02-26 17:16:14 -08:00
Dan Winship
329639e9f6 Allow including both podSelector and namespaceSelector in a NetworkPolicyPeer 2018-02-26 14:59:56 -05:00
Dan Winship
50b2b30526 Factor out duplicated NetworkPolicy validation code 2018-02-26 14:54:28 -05:00
Jeff Grafton
ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Allen Petersen
3d69cea1e5 Update generated files 2018-01-02 22:13:19 -08:00
Christoph Blecker
80e344644e
Regenerate all generated code 2018-01-02 00:21:07 -08:00