Bug 1321949
| Summary: | Allow connection only through endpoints | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Jaspreet Kaur <jkaur> |
| Component: | RFE | Assignee: | Mike Barrett <mbarrett> |
| Status: | CLOSED DUPLICATE | QA Contact: | Johnny Liu <jialiu> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 3.1.0 | CC: | aos-bugs, jokerman, mmccomas |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-04-14 14:25:58 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1294198 *** |
3. What is the nature and description of the request? Currently, all pods can communicate to external services. We want to limit the communication. Explicitly managing iptables would not be an option. Preferred solution: Allow connection to external service only through endpoints. 4. Why does the customer need this? (List the business requirements here) Security reasons. 5. How would the customer like to achieve this? (List the functional requirements here) - All pods should not be able to communicate to external service - If a pod require to communicate to external service, for example a oracle database, an endpoint and service would be required. 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. 7. Is there already an existing RFE upstream or in Red Hat Bugzilla? N/A 8. Does the customer have any specific timeline dependencies and which release would they like to target? ASAP 9. Is the sales team involved in this request and do they have any additional input? N/A Red Hat Consultant on site, account team fully aware of the request. 10. List any affected packages or components. - Openshift Enterprise 11. Would the customer be able to assist in testing this functionality if implemented? - Yes.