This is a cache of https://docs.openshift.com/container-platform/4.8/networking/ovn_kubernetes_network_provider/editing-egress-firewall-ovn.html. It is a snapshot of the page at 2024-11-20T19:52:27.554+0000.
Editing an <strong>egress</strong> firewall for a project - OVN-Kubernetes default CNI network provider | Networking | OpenShift Container Platform 4.8
×

As a cluster administrator, you can modify network traffic rules for an existing egress firewall.

Editing an egressFirewall object

As a cluster administrator, you can update the egress firewall for a project.

Prerequisites
  • A cluster using the OVN-Kubernetes default Container Network Interface (CNI) network provider plugin.

  • Install the OpenShift CLI (oc).

  • You must log in to the cluster as a cluster administrator.

Procedure
  1. Find the name of the egressFirewall object for the project. Replace <project> with the name of the project.

    $ oc get -n <project> egressfirewall
  2. Optional: If you did not save a copy of the egressFirewall object when you created the egress network firewall, enter the following command to create a copy.

    $ oc get -n <project> egressfirewall <name> -o yaml > <filename>.yaml

    Replace <project> with the name of the project. Replace <name> with the name of the object. Replace <filename> with the name of the file to save the YAML to.

  3. After making changes to the policy rules, enter the following command to replace the egressFirewall object. Replace <filename> with the name of the file containing the updated egressFirewall object.

    $ oc replace -f <filename>.yaml