fix: move network policies to where they belong
This commit is contained in:
@@ -1,28 +0,0 @@
|
||||
apiVersion: "cilium.io/v2"
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: allow-host-port-9070
|
||||
namespace: csi-addons-system
|
||||
spec:
|
||||
endpointSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: csi-addons
|
||||
egress:
|
||||
- toEntities:
|
||||
- host
|
||||
toPorts:
|
||||
- ports:
|
||||
- port: "9070"
|
||||
protocol: TCP
|
||||
---
|
||||
apiVersion: cilium.io/v2
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: addons-to-remote-node
|
||||
namespace: csi-addons-system
|
||||
spec:
|
||||
description: remote node
|
||||
egress:
|
||||
- toEntities:
|
||||
- remote-node
|
||||
endpointSelector: {}
|
||||
@@ -1,15 +0,0 @@
|
||||
apiVersion: cilium.io/v2
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: allow-kube-api
|
||||
namespace: dapr-system
|
||||
spec:
|
||||
endpointSelector:
|
||||
matchLabels: {}
|
||||
egress:
|
||||
- toEntities:
|
||||
- kube-apiserver
|
||||
toPorts:
|
||||
- ports:
|
||||
- port: "6443"
|
||||
protocol: TCP
|
||||
@@ -1,16 +0,0 @@
|
||||
apiVersion: cilium.io/v2
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: allow-remote-node-webhooks
|
||||
namespace: dapr-system
|
||||
spec:
|
||||
endpointSelector:
|
||||
matchLabels: {}
|
||||
ingress:
|
||||
- fromEntities:
|
||||
- kube-apiserver
|
||||
- remote-node
|
||||
- toPorts:
|
||||
- ports:
|
||||
- port: "4000"
|
||||
protocol: TCP
|
||||
@@ -1,13 +0,0 @@
|
||||
apiVersion: cilium.io/v2
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: allow-geoserver-ingress
|
||||
namespace: geoserver
|
||||
spec:
|
||||
endpointSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: geoserver
|
||||
ingress:
|
||||
- fromEndpoints:
|
||||
- matchLabels:
|
||||
io.kubernetes.pod.namespace: ingress-nginx
|
||||
@@ -1,17 +0,0 @@
|
||||
apiVersion: cilium.io/v2
|
||||
kind: CiliumNetworkPolicy
|
||||
metadata:
|
||||
name: allow-world-to-rabbitmq-http
|
||||
namespace: rabbitmq
|
||||
spec:
|
||||
endpointSelector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: rabbitmq
|
||||
ingress:
|
||||
- fromEntities:
|
||||
- world
|
||||
- toPorts:
|
||||
- ports:
|
||||
- port: "15672"
|
||||
protocol: TCP
|
||||
|
||||
Reference in New Issue
Block a user