AzureVpcPeering.allowVnetAccess parameter indicates whether the peered networks can communicate with each other.
AllowVnetAccess parameter value is passed to both sides of peering connection the Kyma, initiator of the peering connection, and the remote, acceptor of the peering connection.
For the testing purposes a VM has been created in the remote network while httpbin-nodeport and ubuntu test pod has been deployed to the Kyma cluster.
Following table represents test results while trying to reach the VM in the remote network from the ubuntu pod in the Kyma cluster and hitting the httpbin-nodeport service in the Kyma cluster from the VM in the remote network.
Kyma
Remote
Curl Kyma
Ping remote VM
false
true
No
No
true
true
Yes
Yes
false
false
No
No
true
false
No
No
Communication between peered Kyma and Remote network is possible only when allowVnetAccess parameter is set to true on both sides of peering connections.
Reasons
Since communication between peered networks is possible only when allowVnetAccess is true on both sides, parameter should be removed from the API.
Description
AzureVpcPeering.allowVnetAccess parameter indicates whether the peered networks can communicate with each other.
AllowVnetAccess parameter value is passed to both sides of peering connection the Kyma, initiator of the peering connection, and the remote, acceptor of the peering connection.
For the testing purposes a VM has been created in the remote network while httpbin-nodeport and ubuntu test pod has been deployed to the Kyma cluster.
Following table represents test results while trying to reach the VM in the remote network from the ubuntu pod in the Kyma cluster and hitting the httpbin-nodeport service in the Kyma cluster from the VM in the remote network.
Communication between peered Kyma and Remote network is possible only when allowVnetAccess parameter is set to true on both sides of peering connections.
Reasons
Since communication between peered networks is possible only when allowVnetAccess is true on both sides, parameter should be removed from the API.