Hi Everyone,
The network-policy subgroup has been working on new resources such as
Cluster Scoped Network Policy and Network Policy V2 (Aka what we're calling the object that will help fill in gaps and expand on what was done with Network Policy V1).
After much discussion in the
Network Policy API Meeting, on the
KEP for Cluster Scoped Network Policy and in slack(
dis 1,
dis 2) we have decided that the best way to iterate on Network Policy, such as with the cluster-scoped network policy and a possible Network Policy V2, is to create a repo which will serve to house CRDs supported by the group. This follows the same pattern completed by the
Kubernetes Gateway API. It has also been agreed upon in the sub-group that this repo should be called network-policy-api as it relates to future work involving k8's network security.
Putting the project outside of kubernetes/kubernetes will allow for faster iterations and greater design freedom for new objects related to kubernetes networking security
I went ahead and
opened a new issued for the creation of the repo, but any thoughts or suggestions from the wider group on this effort would be much appreciated :)
Thanks,
Andrew