Skip to content

Commit

Permalink
Do not group hostNetwork Pods in ClusterGroup/AddressGroup
Browse files Browse the repository at this point in the history 
Fixes #3078

Signed-off-by: Yang Ding dingyang@vmware.com
Signed-off-by: Yang Ding <dingyang@vmware.com>
  • Loading branch information
@Dyanngg
Dyanngg committed Dec 2, 2021
1 parent b7da020 commit 4ad2c0a
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 3 deletions.
4 changes: 3 additions & 1 deletion pkg/controller/networkpolicy/networkpolicy_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1140,7 +1140,9 @@ func (n *NetworkPolicyController) getMemberSetForGroupType(groupType grouping.Gr
groupMemberSet := controlplane.GroupMemberSet{}
pods, externalEntities := n.groupingInterface.GetEntities(groupType, name)
for _, pod := range pods {
if len(pod.Status.PodIPs) == 0 {
// HostNetwork Pods should be excluded from group members
// https://github.com/antrea-io/antrea/issues/3078
if pod.Spec.HostNetwork == true || len(pod.Status.PodIPs) == 0 {
continue
}
groupMemberSet.Insert(podToGroupMember(pod, true))
Expand Down
4 changes: 2 additions & 2 deletions pkg/controller/networkpolicy/networkpolicy_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1305,8 +1305,8 @@ func TestAddPod(t *testing.T) {
},
},
appGroupMatch: false,
inAddressGroupMatch: true,
outAddressGroupMatch: true,
inAddressGroupMatch: false,
outAddressGroupMatch: false,
groupMatch: false,
},
{
Expand Down

0 comments on commit 4ad2c0a

Please sign in to comment.