Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: rhel-9.5
Affects Version/s: None
Component/s: nmstate
Labels:

Fixed in Build:
nmstate-2.2.31-1.el9
Severity:
Normal
Epic Link:
NMT-1025

Pool Team:

sst_network_management
Sub-System Group:

ssg_networking

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
NMT - RHEL-9.5 DTM 12

Acceptance Criteria:
Hide

User story:

As a system administrator, I want to configure IPsec tunnels between two subnets within our OpenShift cluster and an external partner network, so that all traffic between these subnets is securely encrypted.

As a system administrator, I need to define IPsec policies that apply to specific subnets within our network architecture, allowing for efficient management and implementation of security protocols across the cluster.

Acceptance criteria:
Given a system administrator managing IPsec configurations in a network environment with NMState,
When they specify leftsubnet in combination with rightsubnet properties in the IPsec configuration,
Then, the net2net IPSec tunnel should be set up according to the subnet specifications.

Definition of Done:

The implementation meets the acceptance criteria

Unit test and integration test are written and pass

The code is part of a downstream build attached to an errata

The Release Note Text is filled

The fix needs to be backported into RHEL-9.4
Show
User story: As a system administrator, I want to configure IPsec tunnels between two subnets within our OpenShift cluster and an external partner network, so that all traffic between these subnets is securely encrypted. As a system administrator, I need to define IPsec policies that apply to specific subnets within our network architecture, allowing for efficient management and implementation of security protocols across the cluster. Acceptance criteria: Given a system administrator managing IPsec configurations in a network environment with NMState, When they specify leftsubnet in combination with rightsubnet properties in the IPsec configuration, Then, the net2net IPSec tunnel should be set up according to the subnet specifications. Definition of Done: The implementation meets the acceptance criteria Unit test and integration test are written and pass The code is part of a downstream build attached to an errata The Release Note Text is filled The fix needs to be backported into RHEL-9.4
Git Pull Request:
https://github.com/nmstate/nmstate/pull/2661
Preliminary Testing:
Requested
Errata Link:
https://errata.engineering.redhat.com/advisory/129019

Release Note Type:
Unspecified Release Note Type - Unknown

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

To enhance NMState's capabilities in configuring IPsec for complex network architectures, particularly for net2net scenarios within OpenShift clusters, there is a need to support leftsubnet property. This feature will enable system administrators to specify entire subnets for IPsec tunnels, facilitating secure communication between different network segments.

For more details on the use case, see https://docs.google.com/document/d/1togmmRF6u3gEorwQU2Zv1PQ--yILOC00GgykhwoAEAg/edit?usp=sharing

blocks

RHEL-24857 [RFE] Support net2net configuration in nmstate Libreswan

Planning

links to

RHBA-2024:129019 nmstate bug fix and enhancement update

Assignee:: Fernando Fernandez Mancera

Reporter:: Stanislas Faye

Developer:: Network Management Team

QA Contact:: Mingyu Shi

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2024/02/27 9:47 AM

Updated:: 2024/05/22 7:46 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates