36 lines
855 B
YAML
36 lines
855 B
YAML
{{- if not .Open }}
|
|
---
|
|
kind: NetworkPolicy
|
|
apiVersion: networking.k8s.io/v1
|
|
metadata:
|
|
name: allow-linkerd # required for OCSP
|
|
namespace: {{ .Name }}
|
|
spec:
|
|
podSelector: {}
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: In
|
|
values:
|
|
- linkerd-viz
|
|
- ports:
|
|
- port: linkerd-admin
|
|
from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
kubernetes.io/metadata.name: monitoring
|
|
egress:
|
|
- to:
|
|
- namespaceSelector:
|
|
matchExpressions:
|
|
- key: kubernetes.io/metadata.name
|
|
operator: In
|
|
values:
|
|
- linkerd
|
|
- linkerd-jaeger
|
|
{{- end }} |