PR addresses scale down(/up) scenarios of policyEndpoint custom resource. Network Policy controller createspolicyEndpoint resources with endpoint info that matches the selectors in the corresponding Network Policy resource. In some scenarios, when there are multiple policies configured against a particular pod and if each of these policies were resulting in multiple policyEndpoint slices individually then Network Policy agent can potentially discard firewall rules from some active policyEndpoint slices during a scale down/up work flows. Issue can be dependent on the sequence of events from NP controller.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Description of changes:
PR addresses scale down(/up) scenarios of
policyEndpointcustom resource. Network Policy controller createspolicyEndpointresources with endpoint info that matches the selectors in the corresponding Network Policy resource. In some scenarios, when there are multiple policies configured against a particular pod and if each of these policies were resulting in multiplepolicyEndpointslices individually then Network Policy agent can potentially discard firewall rules from some activepolicyEndpointslices during a scale down/up work flows. Issue can be dependent on the sequence of events from NP controller.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.