Which section(s) is the issue in?
Configuring multitenant isolation by using network policy
for the procedure step 1a for allowing access from ingress
What needs fixing?
The example uses syntax that the Release Notes https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html#ocp-4-8-network-policy-host-network-ingress-controllers references as legacy now and subject to removal in future versions.
The example should be updated as follows to reflect the change mentioned in the release notes and reduce potential for confusion. This was brought to my attention by a customer, and the following worked for them.
$ cat << EOF| oc create -f -
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-from-openshift-ingress
spec:
ingress:
- from:
- namespaceSelector:
matchLabels:
policy-group.network.openshift.io/ingress=""
podSelector: {}
policyTypes:
- Ingress
EOF
Which section(s) is the issue in?
Configuring multitenant isolation by using network policy
for the procedure step 1a for allowing access from ingress
What needs fixing?
The example uses syntax that the Release Notes https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html#ocp-4-8-network-policy-host-network-ingress-controllers references as legacy now and subject to removal in future versions.
The example should be updated as follows to reflect the change mentioned in the release notes and reduce potential for confusion. This was brought to my attention by a customer, and the following worked for them.