OSDOCS-16837: Standard Network Policy CQA2#111308
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@jab-rh: This pull request references OSDOCS-16837 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
Bot
added
the
size/M
|
🤖 Wed May 06 16:40:08 - Prow CI generated the docs preview: |
|
@jab-rh: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
jab-rh
added
the
merge-review-needed
JoeAldinger
added
merge-review-in-progress
JoeAldinger
left a comment
JoeAldinger
left a comment
There was a problem hiding this comment.
A few things to consider. Thanks, Jason.
| <1> Replace `<project>` with the name for the project you are creating. | ||
| + | ||
| -- | ||
| where: |
There was a problem hiding this comment.
I think you'd want to do this like this example: https://github.com/openshift/openshift-docs/pull/102276/changes#diff-d8993bca15c862a2f83b0d75595d4198b515aa447104f2429f4ba2d1e8b0f68eR32
| ---- | ||
| <1> Replace `<project>` with the name for the project you are creating. | ||
| + | ||
| -- |
There was a problem hiding this comment.
| -- | |
| Replace <project>` with the name of the project you want to create. |
| podSelector: {} | ||
| policyTypes: | ||
| - Ingress | ||
| ---- | ||
| <1> `policy-group.network.openshift.io/ingress:""` label supports OVN-Kubernetes. | ||
|
|
There was a problem hiding this comment.
The policy-group.network.openshift.io/ingress:"" label supports OVN-Kubernetes.
There was a problem hiding this comment.
| @@ -6,6 +6,9 @@ | |||
| [id="nw-networkpolicy-multitenant-isolation_{context}"] | |||
| = Configuring multitenant isolation by using network policy | |||
|
|
|||
| [role="_abstract"] | |||
| You can configure network policies to isolate workloads in a project from pods and services in other namespaces. This isolation helps control network traffic between projects and improves multitenant security in your cluster. | |||
|
|
|||
| You can configure your project to isolate it from pods and services in other | |||
There was a problem hiding this comment.
You can probably get rid of this sentence since it repeats the first.
| @@ -8,6 +8,9 @@ | |||
| [id="nw-networkpolicy-project-defaults_{context}"] | |||
| = Adding network policies to the new project template | |||
|
|
|||
| [role="_abstract"] | |||
| You can add `NetworkPolicy` objects to the default project template so that new projects automatically include predefined network isolation rules. Applying network policies through templates helps enforce consistent network security controls across projects. | |||
|
|
|||
| As a cluster administrator, you can add network policies to the default template for new projects. | |||
There was a problem hiding this comment.
Same here. If your abstracts rewrite some of these I'd just delete the old sentences.
| @@ -8,6 +8,9 @@ | |||
| [id="nw-networkpolicy-create-ocm_{context}"] | |||
| = Creating a network policy using {cluster-manager} | |||
|
|
|||
| [role="_abstract"] | |||
| To control ingress and egress traffic for workloads in your cluster, create a network policy by using {cluster-manager}. Network policies help enforce namespace-level network isolation and improve application security. | |||
|
|
|||
| To define granular rules describing the ingress or egress network traffic allowed for namespaces in your cluster, you can create a network policy. | |||
There was a problem hiding this comment.
I would just use this as the abstract or because your re-write introduces new content you'll need to get QE.
4 participants
Version(s):
Issue:
Link to docs preview:
Configuring project creation
About network policy
Creating a network policy
Defining a default network policy for projects
Configuring multitenant isolation with network policy
Postinstallation network configuration
QE review:
Additional information: