networks:
  - name: internet
    cidr: 0.0.0.0/0
    except:
      - 10.0.0.0/8
      - 172.16.0.0/12
      - 192.168.0.0/16
    ports:
      - port: 2303
        protocol: UDP

namespaces:
  - name: openns
    open: true
    applications:
      - name: myapp
        matchLabels:
          app: myapp
      - name: openapp
        ports:
          - port: 100
            protocol: TCP
        serviceAccounts:
          - xyz

  - name: wamblee-org
    #open: true
    capabilities:
      - linkerd
      - dns
    applications:
      - name: nexus-server
        # ports when specified at the application level are used when
        # not explicitly mentioned when a link is made
        ports:
          - port: 8081
          - port: 8082
            protocol: UDP
        serviceAccounts:
          - jantje
        matchLabels: 
          app: nexus-server
        #matchExpressions:
        #  - key: jenkins/label
        #    operator: Exists


  - name: exposure
    open: false
    applications:
      - name: httpd-wamblee-org
        matchLabels:
          app: httpd-wamblee-org
        ports:
         - port: 80
         - port: 1001
           protocol: UDP

communications:
  - from:
      - openapp
    to:
      - nexus-server

  - from: # can we support both string and list of strings?
      - httpd-wamblee-org
      - internet
      #- apiserver
    to:
      - nexus-server
      - internet
    ports:
      - port: 8084
      - port: 53
        protocol: UDP


#  # or limiting ports further
#  - from:
#      - httpd-wamblee-org
#    to:
#      - nexus-server
#    ports:
#      - 8081
#      - 8082