28 lines
578 B
YAML
28 lines
578 B
YAML
# yaml-language-server: $schema=https://ks.hsn.dev/cilium.io/ciliumclusterwidenetworkpolicy_v2.json
|
|
---
|
|
apiVersion: cilium.io/v2
|
|
kind: CiliumClusterwideNetworkPolicy
|
|
metadata:
|
|
name: kubelet
|
|
spec:
|
|
nodeSelector:
|
|
# apply to all nodes
|
|
matchLabels: {}
|
|
ingress:
|
|
# api server -> kubelet
|
|
- fromEntities:
|
|
- kube-apiserver
|
|
toPorts:
|
|
- ports:
|
|
- port: '10250'
|
|
protocol: TCP
|
|
egress:
|
|
# kubelet -> load balancer
|
|
- toCIDR:
|
|
- 167.235.217.82/32
|
|
toEntities:
|
|
- host
|
|
toPorts:
|
|
- ports:
|
|
- port: '6443'
|
|
protocol: TCP
|