Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CCM-Managed firewalls for Linodes #185

Closed
AshleyDumaine opened this issue Mar 7, 2024 · 1 comment
Closed

CCM-Managed firewalls for Linodes #185

AshleyDumaine opened this issue Mar 7, 2024 · 1 comment
Assignees
@AshleyDumaine

Comments

@AshleyDumaine
Copy link
Member

Recently CCM-managed firewall support was added although this only applies for NodeBalancers. We'd like to have this feature also added for managing firewalls for Nodes themselves, likely based on Node annotations similar to the existing Service annotation support:

kind: Node
apiVersion: v1
metadata:
  annotations:
    node.alpha.kubernetes.io/linode-firewall-acl: |
      {
        "allowList": {
          "ipv4": ["8.8.8.8/32"],
          "ipv6": ["dead:beef::/64"]
        }
      }

This would be used by CAPL to request Firewalls be created and configured for workload clusters (see linode/cluster-api-provider-linode#169 which reuses some of the CCM's firewall logic).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AshleyDumaine AshleyDumaine

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[feat] - Add Cloud firewall support on Nodes via annotations linode/linode-cloud-controller-manager
1 participant
@AshleyDumaine