github.com/fafucoder/cilium@v1.6.11/examples/policies/l7/dns/dns.yaml

github.com/fafucoder/cilium@v1.6.11/examples/policies/l7/dns/dns.yaml (about)

     1  apiVersion: cilium.io/v2
     2  kind: CiliumNetworkPolicy
     3  metadata:
     4    name: "tofqdn-dns-visibility"
     5  spec:
     6    endpointSelector:
     7      matchLabels:
     8        any:org: alliance
     9    egress:
    10    - toEndpoints:
    11      - matchLabels:
    12         "k8s:io.kubernetes.pod.namespace": kube-system
    13         "k8s:k8s-app": kube-dns
    14      toPorts:
    15        - ports:
    16           - port: "53"
    17             protocol: ANY
    18          rules:
    19            dns:
    20              - matchName: "cilium.io"
    21              - matchPattern: "*.cilium.io"
    22              - matchPattern: "*.api.cilium.io"
    23  
    24    - toFQDNs:
    25        - matchName: "cilium.io"
    26        - matchName: "sub.cilium.io"
    27        - matchName: "service1.api.cilium.io"
    28        - matchPattern: "special*service.api.cilium.io"
    29      toPorts:
    30        - ports:
    31           - port: "80"
    32             protocol: TCP