54 lines
1.2 KiB
YAML
54 lines
1.2 KiB
YAML
|
kind: NetworkPolicy
|
||
|
|
apiVersion: networking.k8s.io/v1
|
||
|
|
metadata:
|
||
|
|
name: sample-shared-cs-interinstance-core
|
||
|
|
labels:
|
||
|
|
nplus/instance: sample-shared-cs
|
||
|
|
spec:
|
||
|
|
podSelector:
|
||
|
|
matchLabels:
|
||
|
|
nplus/instance: sample-shared-cs
|
||
|
|
nplus/type: nstl
|
||
|
|
policyTypes:
|
||
|
|
- Ingress
|
||
|
|
ingress:
|
||
|
|
#
|
||
|
|
# allow access from alien CORE components to a central nscale Storage Layer
|
||
|
|
#
|
||
|
|
- from:
|
||
|
|
- podSelector:
|
||
|
|
matchLabels:
|
||
|
|
nplus/instance: sample-shared
|
||
|
|
nplus/type: core
|
||
|
|
ports:
|
||
|
|
- protocol: TCP
|
||
|
|
port: 3005
|
||
|
|
---
|
||
|
|
kind: NetworkPolicy
|
||
|
|
apiVersion: networking.k8s.io/v1
|
||
|
|
metadata:
|
||
|
|
name: sample-shared-cs-interinstance-mon
|
||
|
|
labels:
|
||
|
|
nplus/instance: sample-shared-cs
|
||
|
|
spec:
|
||
|
|
podSelector:
|
||
|
|
matchLabels:
|
||
|
|
nplus/instance: sample-shared-cs
|
||
|
|
nplus/type: mon
|
||
|
|
policyTypes:
|
||
|
|
- Egress
|
||
|
|
egress:
|
||
|
|
#
|
||
|
|
# allow monitoring console to monitor alien components.
|
||
|
|
# you will have to set the alien monitoring in the target namespace / instance.
|
||
|
|
# .Values.security.cni.monitoringNamespace .Values.security.cni.monitoringInstance
|
||
|
|
#
|
||
|
|
- to:
|
||
|
|
- podSelector:
|
||
|
|
matchLabels:
|
||
|
|
nplus/instance: sample-shared
|
||
|
|
nplus/type: core
|
||
|
|
ports:
|
||
|
|
- protocol: TCP
|
||
|
|
port: 3005
|