Update traefik role

2024-09-28 18:55:34 +02:00 · 2024-09-28 18:55:34 +02:00 · 232cd4de5d
commit 232cd4de5d
parent 8db2742da0
5 changed files with 64 additions and 7 deletions
--- a/templates/default-network-dns-policy.yaml.j2
+++ b/templates/default-network-dns-policy.yaml.j2
@ -0,0 +1,46 @@
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: intra-namespace
+spec:
+  podSelector: {}
+  ingress:
+    - from:
+      - namespaceSelector:
+          matchLabels:
+            name: {{ traefik_namespace }}
+
+#---
+#apiVersion: networking.k8s.io/v1
+#kind: NetworkPolicy
+#metadata:
+#  name: allow-dns-access
+#spec:
+#  podSelector:
+#    matchLabels: {}
+#  policyTypes:
+#  - Egress
+#  egress:
+#  - to:
+#    - namespaceSelector:
+#        matchLabels:
+#          kubernetes.io/metadata.name: kube-system
+#      podSelector:
+#        matchLabels:
+#          k8s-app: kube-dns
+#    ports:
+#    - protocol: UDP
+#      port: 53
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-all-traefik-v121-ingress
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: traefik
+  ingress:
+  - {}
+  policyTypes:
+  - Ingress