admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,031 Commits 13 Branches 51 Tags
2cd5f45d47b018b011008dae03e13dd150afd151
Commit Graph

22 Commits

Author SHA1 Message Date
hongming
1c49fcd57e Bump sigs.k8s.io/controller-runtime to v0.14.4 (#5507) 
* Bump sigs.k8s.io/controller-runtime to v0.14.4

* Update gofmt
 2023-02-08 14:06:15 +08:00
hongzhouzi
44167aa47a Upgrade k8s package verison (#5358) 
* upgrade k8s package version

Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>

* Script upgrade and code formatting.

Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>

Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
 2022-11-15 14:56:38 +08:00
andrew_li
f289795312 Add golangci-lint workflow (#4999) 
* fix lint workflow

* add golang lint

* close http response body
 2022-06-29 11:58:36 +08:00
Roland.Ma
2fcfb81066 fix controller Start method signature 
Signed-off-by: Roland.Ma <rolandma@yunify.com>
 2021-08-16 06:58:12 +00:00
Roland.Ma
c37a11c5f9 move api to staging 
Signed-off-by: Roland.Ma <rolandma@yunify.com>
 2021-04-29 08:20:05 +00:00
zryfish
ac275b6e98 add goimports format action (#3630) 
Signed-off-by: Jeff <jeffzhang@yunify.com>
 2021-03-30 13:44:24 +08:00
hongming
fe6c5de00f update dependencies 
Signed-off-by: hongming <talonwan@yunify.com>
 2021-01-04 15:35:32 +08:00
Duan Jiong
24e3ac865f add ippool resource api 
add ippool webhook and fix some bugs

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-12-29 14:32:21 +08:00
Duan Jiong
43d1d6f243 implement ippool 
1. support vlan ippool management
2. support calico ippool management

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-10-29 09:59:27 +08:00
zryfish
dbc33fe5d2 add license header (#2761) 
Signed-off-by: Jeff <zw0948@gmail.com>
 2020-08-05 15:54:17 +08:00
Duan Jiong
eb21606602 networkpolicy: add new parameters allowedIngressNamespaces for user customization 
Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-07-28 10:55:16 +08:00
Duan Jiong
7e8bef6bfd modify the field networkIsolate in workspace 
Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-07-13 19:13:26 +08:00
Duan Jiong
655fd26cbf fix nsnp webhook to validate all fileds in it 
such as ipblock, service.
And the crd openAPIV3Schema could not validate all scenarios

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-06-28 09:44:05 +08:00
Duan Jiong
825e026930 validate cidr 
only accept validated cidr.
And fix the error handle when network-isotate is diabled.
And remove the useless crd.

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-06-10 18:11:05 +08:00
Duan Jiong
3c21a21bd7 rename nsnp controller 
Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-06-08 22:36:49 +08:00
Duan Jiong
e922a85dec fix namespace networkpolicy 
add prefix when set key, otherwise the k8s rule will not be deleted
don't append ingress when ingress is empty, otherwise all ingress traffic will be allowed.

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-06-03 12:08:30 +08:00
Duan Jiong
7a0b18315f fix namespace networkpolicy 
add filter on namespace event func
delete the code which do same work with namespace controller

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-05-21 11:02:34 +08:00
Duan Jiong
4e45d659c0 fix namespace networkpolicy 
1. allow egress when isolate is enabled
2. add nsnp prefix "nsnp-"
3. remove some useless log

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-05-18 09:10:33 +08:00
Duan Jiong
4fb9d84fea allow dns traffic and host node traffic 
Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-04-28 10:21:58 +08:00
Duan Jiong
1ab7d67e51 allow ip/port in service when config service nsnp 
Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-04-28 10:21:58 +08:00
Duan Jiong
d3bdcd0465 network: support network isolate 
Add new crd to convert kubesphere network policy to k8s network policy, and then other network
plugin will do the rest work.

Use  cache.go from calico project's kube-controller,  it aim to  sync nsnp with k8s np, delete unused np, and relieve the pressure on k8s restful client.

If you want higher performance, you can implement interface  NsNetworkPolicyProvider in pkg/controller/provider/namespace_np.go.

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>
 2020-04-28 10:21:50 +08:00
magicsong
90fa38851f add ns networkpolicy 2019-08-08 18:39:00 +08:00