Comments (6)
Do you have any idea on how would you approach this? Can we somehow look for NetworkPolicy or PodSecurityPolicy and add the indication based on that? Or should we just have a simple annotation that needs to be explicitly set by the user to indicate that this is a network restricted service? @usamaahmadkhan
from forecastle.
How about adding a default check for nginx-ingress annotation. external-ingress means it is public and internal-ingress means it is network restricted.
from forecastle.
I believe that is just our usecase that we have 2 different nginx ingress controllers with specific names internal-ingress
and external-ingress
. Implementing it like you mentioned would restrict users to use this feature in many ways. Lets say they don't even run an nginx controller and they don't have annotations specified for their controller. I think we need to approach this in a more generic and decoupled way in which our scenario can also easily fit
from forecastle.
Then NetworkPolicy should do it. We should assign labels like network-restricted=true/false
to pod that require restriction and then use PodSelector
in NetworkPolicy to restrict those pods. Similarly watching these labels when adding a mark on the UI.
from forecastle.
@usamaahmadkhan I think we should start from the basic, i.e., allow users to specify whether an app is network restricted or not manually. And then support automatic detection. Partial support is already in for this in #78 . We can use the annotation forecastle.stakater.com/network-restricted
to specify if an app is restricted or not
from forecastle.
The feature has been implemented in #80
from forecastle.
Related Issues (20)
- Helm forecastle 1.0.65 CustomResourceDefinition "forecastleapps.forecastle.stakater.com" is invalid HOT 2
- bug: Forecastle crd spec.urlFrom.ingressRef.name does not work HOT 2
- Add support for changing the page title HOT 4
- Migrating from ingress networking.k8s.io/v1beta1 to /v1 HOT 10
- Feature request - change forcastle root path
- Add link to group
- Results couldn't be loaded due to an error HOT 11
- Feature Request : Traefik IngressRoute / IngressRouteTCP
- broken pipe when many apps HOT 1
- Support searching from anywhere
- no matches for kind "Route" in version "route.openshift.io/v1" HOT 5
- Deploy and remove from the launchpad HOT 2
- Regression in helm chart rbac for ForecastleApp HOT 2
- Feature request: Add a description field / external URL's
- forecastle should crash/fail when run into panic HOT 1
- Dependency Dashboard
- 1.0.130 does not work anymore. (empty page) HOT 4
- [ENHANCE]: Add helm repo to documentation HOT 1
- [BUG] Forecastle fails on empty TLS field in ingress
- [BUG] Icons don't get displayed HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from forecastle.