-
Aleksandr Didenko authored
By default Calico CNI does not create any network access policies or profiles if 'policy' is enabled in CNI config. And without any policies/profiles network access to/from PODs is blocked. K8s related policies are created by calico-policy-controller in such case. So we need to start it as soon as possible, before any real workloads. This patch also fixes kube-api port in calico-policy-controller yaml template. Closes #1132
Aleksandr Didenko authoredBy default Calico CNI does not create any network access policies or profiles if 'policy' is enabled in CNI config. And without any policies/profiles network access to/from PODs is blocked. K8s related policies are created by calico-policy-controller in such case. So we need to start it as soon as possible, before any real workloads. This patch also fixes kube-api port in calico-policy-controller yaml template. Closes #1132
Loading