github.com/looshlee/cilium@v1.6.12/examples/policies/l7/dns/dns.yaml (about) 1 apiVersion: cilium.io/v2 2 kind: CiliumNetworkPolicy 3 metadata: 4 name: "tofqdn-dns-visibility" 5 spec: 6 endpointSelector: 7 matchLabels: 8 any:org: alliance 9 egress: 10 - toEndpoints: 11 - matchLabels: 12 "k8s:io.kubernetes.pod.namespace": kube-system 13 "k8s:k8s-app": kube-dns 14 toPorts: 15 - ports: 16 - port: "53" 17 protocol: ANY 18 rules: 19 dns: 20 - matchName: "cilium.io" 21 - matchPattern: "*.cilium.io" 22 - matchPattern: "*.api.cilium.io" 23 24 - toFQDNs: 25 - matchName: "cilium.io" 26 - matchName: "sub.cilium.io" 27 - matchName: "service1.api.cilium.io" 28 - matchPattern: "special*service.api.cilium.io" 29 toPorts: 30 - ports: 31 - port: "80" 32 protocol: TCP