Publication No.: US20230022134A1
Publication Date: 2023-01-26
Application No.: US17474082
Filing Date: 2021-09-14
Applicant: VMWARE, INC.
Inventor: Shriya Talwar, Prahalad Deshpande, Ambarish Prashant Pande, Devraj Narendra Baheti
Abstract: This document describes a network policy evaluation platform that evaluates, validates, and troubleshoots network policy configurations. In one aspect, a method includes obtaining a first network policy applied by a container orchestration platform for managing network traffic for a cluster of container workloads. First network rules are extracted from the first network policy. A canonical rule model is generated for the first network rule(s). A second network policy applied by a network provider plugin configured to run within the cluster and to manage the network traffic for the cluster of container workloads is obtained. Second network rules are extracted from the second network policy. A canonical rule model is generated for the one or more second network rules. One or more conflicts between the first network policy and the second network policy are detected based on an evaluation of each first canonical rule model and each second canonical rule model.