Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for multinetworkpoliy #194

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add support for multinetworkpoliy #194

wants to merge 2 commits into from

Conversation

venkataanil
Copy link
Contributor

User creates a definite number of vlans (nncp) and then uses them across namespaces using NADs.
multinetworkpoliy used for additional interfaces of pods and virtual machines.
Netpol latency measurment will be implemented later based on if multinetworkpoliy created for pods or virtual machines.

This workload uses the same config options like regular network policy, however

  1. selector based approach not possible for spec.podselector and
    ingress.from.podselctor for the virtual machines
  2. in regular network policy, any namespace can be chosen as peer,
    however now the namespace within the same vlan has to be chosen
    as peer.

@venkataanil venkataanil requested review from a team as code owners February 21, 2025 10:25
@venkataanil venkataanil force-pushed the multinetworkpolicy branch 2 times, most recently from 7b83d2a to 8538847 Compare February 24, 2025 07:55
@venkataanil
Add support for multinetworkpoliy
d9a03b4 
User creates a definite number of vlans (nncp) and then uses them
across namespaces using NADs.
multinetworkpoliy used for additional interfaces of pods and
virtual machines.
Netpol latency measurment will be implemented later based on
if multinetworkpoliy created for pods or virtual machines.

This workload uses the same config options like regular network
policy, however
1) selector based approach not possible for spec.podselector and
 ingress.from.podselctor for the virtual machines
2) in regular network policy, any namespace can be chosen as peer,
 however now the namespace within the same vlan has to be chosen
 as peer.

Note: Port ranges are not supported in MNP

How to Run?
kube-burner-ocp network-policy --log-level=debug --iterations 2
 --netpol-per-namespace 1 --pod-selectors 1 --single-ports 1
 --port-ranges 1 --remotes-namespaces 1 --cidrs 1
 --networkpolicy-latency=false --multi-network-policy=true
 --virt=true --vlans=1 --namespaces-per-vlan=2
 --vms-per-namespace=1

Signed-off-by: venkataanil <anil.venkata@enovance.com>
@venkataanil venkataanil changed the title [WIP] Add support for multinetworkpoliy Add support for multinetworkpoliy Feb 24, 2025
@vishnuchalla vishnuchalla self-requested a review February 25, 2025 17:59
@vishnuchalla
Copy link
Contributor

@venkataanil can we get a small CI test added please?

@mohit-sheth
Copy link
Contributor

thanks @venkataanil for a quick turnaround

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vishnuchalla vishnuchalla Awaiting requested review from vishnuchalla

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@venkataanil @vishnuchalla @mohit-sheth