Skip to content

Commit

Permalink
[ExternalNode] Support applying ANP to ExternalEntity (#3712)
Browse files Browse the repository at this point in the history 
Add externalEntitySelector in ANP appliedTo field. ACNP is not supported
for ExternalEntity yet.

Signed-off-by: wenyingd <[email protected]>
  • Loading branch information
@wenyingd
wenyingd committed May 7, 2022
1 parent 253b4f4 commit 7242689
Show file tree
Hide file tree
Showing 6 changed files with 144 additions and 0 deletions.
24 changes: 24 additions & 0 deletions build/charts/antrea/templates/crds/networkpolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down
24 changes: 24 additions & 0 deletions build/yamls/antrea-aks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1841,6 +1841,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down
24 changes: 24 additions & 0 deletions build/yamls/antrea-eks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1841,6 +1841,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down
24 changes: 24 additions & 0 deletions build/yamls/antrea-gke.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1841,6 +1841,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down
24 changes: 24 additions & 0 deletions build/yamls/antrea-ipsec.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1854,6 +1854,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down
24 changes: 24 additions & 0 deletions build/yamls/antrea.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1841,6 +1841,30 @@ spec:
type: object
# Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field
properties:
externalEntitySelector:
type: object
properties:
matchExpressions:
type: array
items:
type: object
properties:
key:
type: string
operator:
enum:
- In
- NotIn
- Exists
- DoesNotExist
type: string
values:
type: array
items:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
matchLabels:
x-kubernetes-preserve-unknown-fields: true
podSelector:
type: object
properties:
Expand Down

0 comments on commit 7242689

Please sign in to comment.