ION606
27 lines
755 B
YAML
27 lines
755 B
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: allow-common-egress
|
|
namespace: ai
|
|
spec:
|
|
podSelector: {}
|
|
policyTypes: ["Egress"]
|
|
egress:
|
|
# Allow DNS to kube-dns/CoreDNS in kube-system
|
|
- to:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
kubernetes.io/metadata.name: kube-system
|
|
ports:
|
|
- { protocol: UDP, port: 53 }
|
|
- { protocol: TCP, port: 53 }
|
|
|
|
# Allow PostgreSQL to services/pods in namespace ai on 5432
|
|
- to:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
kubernetes.io/metadata.name: ai
|
|
ports:
|
|
- { protocol: TCP, port: 5432 }
|
|
|