From 239050be4b022b5aa50af4ad1ecde8c15f18cea0 Mon Sep 17 00:00:00 2001 From: Matt Oswalt Date: Tue, 8 Dec 2020 16:41:23 -0800 Subject: [PATCH 1/2] Convert networkpolicy to use blank namespace selector instead of RFC1918 Signed-off-by: Matt Oswalt --- scheduler/networks.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/scheduler/networks.go b/scheduler/networks.go index 4c962b5b..edca4c1e 100644 --- a/scheduler/networks.go +++ b/scheduler/networks.go @@ -97,10 +97,8 @@ func (s *AntidoteScheduler) createNetworkPolicy(sc ot.SpanContext, nsName string // Have only been able to get this working with this CIDR. // Tried a /32 directly to the svc IP for DNS, but that didn't seem to work. - // Should revisit this later. Open to all RFC1918 for now. - {IPBlock: &netv1.IPBlock{CIDR: "10.0.0.0/8"}}, - {IPBlock: &netv1.IPBlock{CIDR: "192.168.0.0/16"}}, - {IPBlock: &netv1.IPBlock{CIDR: "171.16.0.0/12"}}, + // Should revisit this later. Open to all cluster namespaces for now. + {NamespaceSelector: &meta_v1.LabelSelector{}}, }, Ports: []netv1.NetworkPolicyPort{ {Protocol: &tcp, Port: &fivethree}, From 67c100cabbe128ac885120c248d3c8cfb8e24caf Mon Sep 17 00:00:00 2001 From: Matt Oswalt Date: Tue, 8 Dec 2020 16:43:20 -0800 Subject: [PATCH 2/2] update changelog Signed-off-by: Matt Oswalt --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f917a512..54c24303 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## In development +- Convert networkpolicy to use blank namespace selector instead of RFC1918 [#205](https://github.com/nre-learning/antidote-core/pull/205) - Upgrade grpc-gateway and add required protobuf options [#204](https://github.com/nre-learning/antidote-core/pull/204) - Add (deprecated) 'legacy' image flavor [#202](https://github.com/nre-learning/antidote-core/pull/202) - Move networkpolicy creation to the beginning of the creation of livelesson resources [#201](https://github.com/nre-learning/antidote-core/pull/201)