ungleich-k8s/generic/pod-network-policy.yaml


# Target workload for the NetworkPolicy test: a single memcached replica whose
# pods carry app=memcached-test, the label the policy and Service select on.
apiVersion: apps/v1
kind: Deployment
metadata:
  # No namespace is set here, while the NetworkPolicy in this file is pinned
  # to "default"; the pods must land in that namespace to be selected by it.
  name: memcached-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: memcached-test
  template:
    metadata:
      labels:
        app: memcached-test
    spec:
      containers:
        - name: memcache
          image: memcached:1.6.12-alpine
          ports:
            # Same port the ingress rule and the Service in this file refer to.
            - containerPort: 11211
---
# Isolates pods labelled app=memcached-test in namespace "default".
# Enforcement depends on the cluster's network plugin implementing
# NetworkPolicy; without that support the object is stored but has no effect.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: test-network-policy
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: memcached-test
  # Both directions are listed, so the selected pods are isolated for ingress
  # and for egress; only traffic matched by an active rule below is allowed.
  policyTypes:
    - Ingress
    - Egress
  ingress:
    - from:
        # Alternative peers, left disabled:
        # - ipBlock:
        #     cidr: 172.17.0.0/16
        #     except:
        #       - 172.17.1.0/24
        # - namespaceSelector:
        #     matchLabels:
        #       project: myproject
        # Without a namespaceSelector this peer matches only pods in the
        # policy's own namespace, and a pod must carry both labels.
        - podSelector:
            matchLabels:
              app: myapp
              role: frontend
      ports:
        - protocol: TCP
          port: 11211
  # No egress rule is active while Egress is listed in policyTypes, so all
  # outbound traffic from the selected pods is denied. Example rule, disabled:
  # egress:
  #   - to:
  #       - ipBlock:
  #           cidr: 10.0.0.0/24
  #     ports:
  #       - protocol: TCP
  #         port: 5978
---
# Positive test client: app=myapp plus role=frontend match the ingress peer of
# test-network-policy, so TCP 11211 to the memcached pods should be allowed
# (provided this pod runs in the policy's namespace).
apiVersion: v1
kind: Pod
metadata:
  name: alpine-memcached-sleep-access
  labels:
    app: myapp
    role: frontend
spec:
  containers:
    - name: alpine
      image: alpine:3.14
      # Keeps the container alive so connectivity can be checked from inside.
      # The count stays quoted: container args must be strings.
      args:
        - sleep
        - "1000000"
---
# Negative test client: role=notfrontend does not match the ingress peer of
# test-network-policy (which requires role=frontend), so TCP 11211 to the
# memcached pods should be blocked when the policy is enforced.
apiVersion: v1
kind: Pod
metadata:
  name: alpine-memcached-sleep-noaccess
  labels:
    app: myapp
    role: notfrontend
spec:
  containers:
    - name: alpine
      image: alpine:3.14
      # Keeps the container alive so connectivity can be checked from inside.
      # The count stays quoted: container args must be strings.
      args:
        - sleep
        - "1000000"
---
# Stable name in front of the memcached pods (selected by app=memcached-test).
# No type is given, so this is a cluster-internal ClusterIP Service.
apiVersion: v1
kind: Service
metadata:
  name: memcache-service
spec:
  selector:
    app: memcached-test
  ports:
    # targetPort is omitted and therefore defaults to the same value as port.
    # NOTE(review): connections made through the Service still terminate on
    # the selected pods, so the NetworkPolicy is expected to apply to them.
    - protocol: TCP
      port: 11211