github.com/fafucoder/cilium@v1.6.11/examples/policies/l7/dns/dns-visibility.yaml (about)

     1  apiVersion: cilium.io/v2
     2  kind: CiliumNetworkPolicy
     3  metadata:
     4    name: "tofqdn-dns-visibility"
     5  spec:
     6    endpointSelector:
     7      matchLabels:
     8        any:org: alliance
     9    egress:
    10    - toEndpoints:
    11      - matchLabels:
    12         "k8s:io.kubernetes.pod.namespace": kube-system
    13         "k8s:k8s-app": kube-dns
    14      toPorts:
    15        - ports:
    16           - port: "53"
    17             protocol: ANY
    18          rules:
    19            dns:
    20              - matchPattern: "*"
    21    - toFQDNs:
    22        - matchName: "cilium.io"
    23        - matchName: "sub.cilium.io"
    24        - matchPattern: "*.sub.cilium.io"