mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
100 lines
3.1 KiB
Plaintext
100 lines
3.1 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/network_security/network_policy/editing-network-policy.adoc
|
|
// * microshift_networking/microshift-network-policy/microshift-editing-network-policy.adoc
|
|
|
|
:name: network
|
|
:role: admin
|
|
ifeval::["{context}" == "configuring-multi-network-policy"]
|
|
:multi:
|
|
:name: multi-network
|
|
:role: cluster-admin
|
|
endif::[]
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nw-networkpolicy-edit_{context}"]
|
|
= Editing a {name} policy
|
|
|
|
[role="_abstract"]
|
|
To modify existing policy configurations, you can edit a {name} policy in a namespace. Edit policies by modifying the policy file and applying it with `oc apply`, or by using the `oc edit` command directly.
|
|
|
|
ifndef::multi[]
|
|
[NOTE]
|
|
====
|
|
If you log in with `cluster-admin` privileges, you can edit network policies in any namespace in the cluster.
|
|
====
|
|
endif::multi[]
|
|
|
|
ifndef::microshift[]
|
|
[NOTE]
|
|
====
|
|
If you log in with `cluster-admin` privileges, you can edit network policies in any namespace in the cluster. In the web console, you can edit policies directly in YAML or by using the *Actions* menu.
|
|
====
|
|
endif::microshift[]
|
|
|
|
.Prerequisites
|
|
ifndef::microshift[]
|
|
* Your cluster uses a network plugin that supports `NetworkPolicy` objects, such as the OVN-Kubernetes network plugin, with `mode: NetworkPolicy` set.
|
|
endif::microshift[]
|
|
* You installed the {oc-first}.
|
|
ifndef::microshift[]
|
|
* You are logged in to the cluster with a user with `{role}` privileges.
|
|
endif::microshift[]
|
|
* You are working in the namespace where the {name} policy exists.
|
|
|
|
.Procedure
|
|
|
|
. Optional: To list the {name} policy objects in a namespace, enter the following command:
|
|
+
|
|
[source,terminal,subs="attributes+"]
|
|
----
|
|
$ oc get {name} policy -n <namespace>
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
`<namespace>`:: Optional: Specifies the namespace if the object is defined in a different namespace than the current namespace.
|
|
|
|
. Edit the {name} policy object.
|
|
+
|
|
.. If you saved the {name} policy definition in a file, edit the file and make any necessary changes, and then enter the following command.
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -n <namespace> -f <policy_file>.yaml
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
`<namespace>`:: Optional: Specifies the namespace if the object is defined in a different namespace than the current namespace.
|
|
`<policy_file>`:: Specifies the name of the file containing the network policy.
|
|
+
|
|
.. If you need to update the {name} policy object directly, enter the following command:
|
|
+
|
|
[source,terminal,subs="attributes+"]
|
|
----
|
|
$ oc edit {name} policy <policy_name> -n <namespace>
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
`<policy_name>`:: Specifies the name of the network policy.
|
|
`<namespace>`:: Optional: Specifies the namespace if the object is defined in a different namespace than the current namespace.
|
|
|
|
. Confirm that the {name} policy object is updated.
|
|
+
|
|
[source,terminal,subs="attributes+"]
|
|
----
|
|
$ oc describe {name}policy <policy_name> -n <namespace>
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
`<policy_name>`:: Specifies the name of the {name} policy.
|
|
`<namespace>`:: Optional: Specifies the namespace if the object is defined in a different namespace than the current namespace.
|
|
|
|
ifdef::multi[]
|
|
:!multi:
|
|
endif::multi[]
|
|
:!name:
|
|
:!role: |