about summary refs log tree commit diff
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/monitoring/templates/network-policy.yaml51
1 files changed, 35 insertions, 16 deletions
diff --git a/tools/monitoring/templates/network-policy.yaml b/tools/monitoring/templates/network-policy.yaml
index 9e8bd65..b50c3af 100644
--- a/tools/monitoring/templates/network-policy.yaml
+++ b/tools/monitoring/templates/network-policy.yaml
@@ -6,15 +6,14 @@ metadata:
 spec:
   podSelector: {}
   policyTypes:
-  - Ingress
-  - Egress
+    - Ingress
+    - Egress
   ingress:
-  - from:
-    - podSelector: {}
-  - from:
-    - namespaceSelector:
-        matchLabels:
-          name: monitoring
+    - from:
+        - podSelector: {}
+  egress:
+    - to:
+        - podSelector: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
@@ -25,14 +24,34 @@ spec:
   podSelector:
     matchLabels:
       app.kubernetes.io/name: grafana
+  policyTypes:
+    - Ingress
   ingress:
-  - from:
-    - namespaceSelector:
-        matchLabels:
-          name: kube-system
-    - podSelector:
-        matchLabels:
-          app: traefik
+    - from:
+        - namespaceSelector:
+            matchLabels:
+              name: kube-system
+        - podSelector:
+            matchLabels:
+              app: traefik
+        - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-external-ingress-to-grafana
+  namespace: monitoring
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: grafana
   policyTypes:
-  - Ingress
+    - Ingress
+  ingress:
+    - from: 
+        - ipBlock:
+            cidr: 0.0.0.0/0
+  egress:
+    - to:
+        - podSelector: {}
generated by cgit-pink 1.4.1-2-gfad0 (git 2.37.1) at 2024-12-26 06:29:56 +0100