33 lines
739 B
YAML
33 lines
739 B
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: {{ .Values.name }}
|
|
namespace: {{ .Values.namespace | default .Values.name }}
|
|
labels:
|
|
service: {{ .Values.name }}
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
service: {{ .Values.name }}
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: ingress-nginx
|
|
ports:
|
|
- protocol: TCP
|
|
port: {{ .Values.port }}
|
|
egress:
|
|
- {}
|
|
# TODO, optionally add egress restriction.
|
|
# - to:
|
|
# - namespaceSelector: {}
|
|
# podSelector: {}
|
|
# ports:
|
|
# - protocol: TCP
|
|
# port: 53
|
|
# - protocol: UDP
|
|
# port: 53
|