Description of problem: NetworkPolicy details page only shows Ingress rule table, maybe we should also show Egress rules, only in this way user can have a complete view of networkpolicy object Version-Release number of selected component (if applicable): 4.8.0-0.nightly-2021-05-19-123944 How reproducible: Always Steps to Reproduce: 1. create a networkpolicy with below YAML which defines ingress and egress rules apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: test-network-policy namespace: default spec: podSelector: matchLabels: role: db policyTypes: - Ingress - Egress ingress: - from: - ipBlock: cidr: 172.17.0.0/16 except: - 172.17.1.0/24 - namespaceSelector: matchLabels: project: myproject - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 egress: - to: - ipBlock: cidr: 10.0.0.0/24 ports: - protocol: TCP port: 5978 2. check networkpolicy details at Networking -> NetworkPolicies -> click on 'test-network-policy' Actual results: 2. NetworkPolicy details page only shows 'Ingress rules' table, maybe we should also show 'Egress rules' table, Egress rules is also important part for NetworkPolicy and only in this way we have a complete view of networkpolicy rules Expected results: Additional info:
Note that, not showing egress rules made sense as long as openshift-sdn was the only possible CNI plugin, as it doesn't support egress. Now, when ovn-k is used as a cni plugin, egress rules are supported. I suggest adding a small explanation text about when egress rules are supported or not, like it's done in https://issues.redhat.com/browse/NETOBSERV-4. Note also that a RFE was created in order to expose information about CNI plugin in use: https://issues.redhat.com/browse/RFE-1873 ; when implemented, it will be possible to modify how egress rules are displayed (ie. hide it or show warning when there's an egress rule while openshift SDN is used - and remove the explanation text when ovn-k is used)
with the fix now we show Egress rules table on NetworkPolicy details page, as described in comment #1 how egress rules can be displayed is not in the scope of this bug, so now everything is working as expected Verified on 4.8.0-0.nightly-2021-05-26-172234
Created attachment 1787475 [details] Egress rules table on NetworkPolicy details page
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438