diff options
-rw-r--r-- | tools/monitoring/templates/network-policy.yaml | 51 |
1 files changed, 35 insertions, 16 deletions
diff --git a/tools/monitoring/templates/network-policy.yaml b/tools/monitoring/templates/network-policy.yaml index 9e8bd65..b50c3af 100644 --- a/tools/monitoring/templates/network-policy.yaml +++ b/tools/monitoring/templates/network-policy.yaml @@ -6,15 +6,14 @@ metadata: spec: podSelector: {} policyTypes: - - Ingress - - Egress + - Ingress + - Egress ingress: - - from: - - podSelector: {} - - from: - - namespaceSelector: - matchLabels: - name: monitoring + - from: + - podSelector: {} + egress: + - to: + - podSelector: {} --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy @@ -25,14 +24,34 @@ spec: podSelector: matchLabels: app.kubernetes.io/name: grafana + policyTypes: + - Ingress ingress: - - from: - - namespaceSelector: - matchLabels: - name: kube-system - - podSelector: - matchLabels: - app: traefik + - from: + - namespaceSelector: + matchLabels: + name: kube-system + - podSelector: + matchLabels: + app: traefik + - {} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-external-ingress-to-grafana + namespace: monitoring +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: grafana policyTypes: - - Ingress + - Ingress + ingress: + - from: + - ipBlock: + cidr: 0.0.0.0/0 + egress: + - to: + - podSelector: {} |