Skip to content

Commit

Permalink
Merge pull request #34 from bzub/invalid-policy
Browse files Browse the repository at this point in the history
Handle invalid NetworkPolicy definition
  • Loading branch information
bzub authored Jun 22, 2017
2 parents 74f4676 + 2b019ce commit 75e7698
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions app/controllers/network_policy_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -320,6 +320,9 @@ func (npc *NetworkPolicyController) syncPodFirewallChains() (map[string]bool, er

// loop through the pods running on the node which has default ingress to be denied
podsOnNodeInfo, err := getPodsRunningOnNode(npc.nodeIP.String())
if err != nil {
return nil, err
}
for _, pod := range *podsOnNodeInfo {

// below condition occurs when we get trasient update while removing or adding pod
Expand Down Expand Up @@ -623,6 +626,9 @@ func getNameSpaceDefaultPolicy(namespace string) (string, error) {
err := json.Unmarshal([]byte(networkPolicyAnnotation), &annot)
if err == nil {
return annot["ingress"]["isolation"], nil
} else {
glog.Errorf("Skipping invalid network-policy for namespace \"%s\": %s", namespace, err)
return "DefaultAllow", errors.New("Invalid NetworkPolicy.")
}
} else {
return "DefaultAllow", nil
Expand Down

0 comments on commit 75e7698

Please sign in to comment.