Skip to content

Commit

Permalink
add netpols to udn workload (#174)
Browse files Browse the repository at this point in the history 
Signed-off-by: Mohit Sheth <msheth@redhat.com>
Co-authored-by: vishnuchalla <vchalla@redhat.com>
  • Loading branch information
@mohit-sheth @vishnuchalla
mohit-sheth and vishnuchalla authored Jan 28, 2025
1 parent 5e3caab commit 87c8254
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 0 deletions.
22 changes: 22 additions & 0 deletions cmd/config/udn-density-pods/np-allow-from-clients.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: allow-from-clients-{{.Replica}}
spec:
podSelector:
matchLabels:
app: nginx
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: udn-density-pods-{{.Iteration}}
podSelector:
matchLabels:
app: client
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-burner-service-latency
ports:
- protocol: TCP
port: 8080
7 changes: 7 additions & 0 deletions cmd/config/udn-density-pods/np-deny-all.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: deny-all
spec:
podSelector: {}
ingress: []
6 changes: 6 additions & 0 deletions cmd/config/udn-density-pods/udn-density-pods.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,12 @@ jobs:
pod-security.kubernetes.io/warn: privileged
objects:

- objectTemplate: np-deny-all.yml
replicas: 1

- objectTemplate: np-allow-from-clients.yml
replicas: 1

- objectTemplate: service.yml
replicas: 5

Expand Down

0 comments on commit 87c8254

Please sign in to comment.