diff options
| author | makefunstuff <[email protected]> | 2024-06-28 21:22:25 +0200 |
|---|---|---|
| committer | makefunstuff <[email protected]> | 2024-06-28 21:22:25 +0200 |
| commit | 17108bfc644a27372b830e550ea8eba91dc5c6da (patch) | |
| tree | e12a01de2b18828d041e1cc114b062fbb85820cb | |
| parent | 70c535f34fb71645ab0f31392430060645ebeeec (diff) | |
| download | k3s-lab-17108bfc644a27372b830e550ea8eba91dc5c6da.tar.gz | |
more networking
| -rw-r--r-- | tools/monitoring/templates/network-policy.yaml | 51 |
1 files changed, 35 insertions, 16 deletions
diff --git a/tools/monitoring/templates/network-policy.yaml b/tools/monitoring/templates/network-policy.yaml index 9e8bd65..b50c3af 100644 --- a/tools/monitoring/templates/network-policy.yaml +++ b/tools/monitoring/templates/network-policy.yaml @@ -6,15 +6,14 @@ metadata: spec: podSelector: {} policyTypes: - - Ingress - - Egress + - Ingress + - Egress ingress: - - from: - - podSelector: {} - - from: - - namespaceSelector: - matchLabels: - name: monitoring + - from: + - podSelector: {} + egress: + - to: + - podSelector: {} --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy @@ -25,14 +24,34 @@ spec: podSelector: matchLabels: app.kubernetes.io/name: grafana + policyTypes: + - Ingress ingress: - - from: - - namespaceSelector: - matchLabels: - name: kube-system - - podSelector: - matchLabels: - app: traefik + - from: + - namespaceSelector: + matchLabels: + name: kube-system + - podSelector: + matchLabels: + app: traefik + - {} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-external-ingress-to-grafana + namespace: monitoring +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: grafana policyTypes: - - Ingress + - Ingress + ingress: + - from: + - ipBlock: + cidr: 0.0.0.0/0 + egress: + - to: + - podSelector: {} |