[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ingress firewall



On 12/14/2016 02:52 PM, Srinivas Naga Kotaru (skotaru) wrote:
> Thanks Dan. At this point we are not sure how to control ingress traffic. I knew pretty sure that we can provide Ingress IP address to that client services get external reachable IP and TCP ports. 
> 
> If this is not possible 3.4, can we except in 3.5? at least this gives us a window to talk to client and convince him to use ingress now and expect ingress firewall support in 3.5? 

As I said, it's not clear when NetworkPolicy will handle cluster-ingress
filtering (as opposed to just pod-to-pod filtering). And OCP 3.5 will be
based on Kubernetes 1.5, which is now released and definitely doesn't
include cluster-ingress filtering. So no, it won't be in 3.5.

-- Dan

> Am thinkiing it is very important feature if want to extent the platform to all type of work loads rather just web apps.  No one interested just typical web work loads in container platform. Clients expecting freedom/choices/possibilities of IaaS layer in container platrorm without having any limitations. To achive this, network is very foundational and critical. 
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]