balpert89
commented
5 months ago some questions from top of my head:
- is this meant to be used in conjunction / complementary to the
LabelSelectorsection in aNetworkPolicy? - what is the benefit compared to just using the
LabelSelectorsection? - why not introducing an extension in the
NetworkPolicyAPI? It seems cumbersome to have logic to union the list ofNetworkInterfaceschosen byLabelSelectorandNetworkPolicyTargets
afritzler
Objective
To design and introduce a new type within our network configuration API named
NetworkPolicyTargets. This type will be utilized to specifically defineNetworkInterfacesas the targets of aNetworkPolicy, aiming to enhance granularity and control over network traffic rules.Background
While our existing
NetworkPolicyimplementation offers the capability to set broad network traffic rules, there's a need for more granular control. Specifically, there's a requirement to precisely targetNetworkInterfaceswith these policies. The introduction of theNetworkPolicyTargetstype aims to address this need, enabling users to specifyNetworkInterfacesdirectly as policy targets.Requirements
NetworkInterfaces: TheNetworkPolicyTargetstype should allow for the explicit specification ofNetworkInterfacesas targets of a network policy.NetworkPolicyTargetsis fully compatible with the currentNetworkPolicystructure, enhancing functionality without disrupting existing definitions.NetworkPolicyTargetsshould prioritize ease of use, allowing for intuitive specification of network interface targets in network policies.Proposed API Changes
Introduction of
NetworkPolicyTargetsType:NetworkInterfacesas targets. Each target can be defined by attributes such asUIDandName.Specification Example:
NetworkPolicyTargetstype within network policies, emphasizing the targeting ofNetworkInterfaces.Next Steps