[FEAT] - Adding Templates for Network policies (!25) · Merge requests · Big Bang / Universe / Product / authservice

Ryan Garcia requested to merge network-policies into main May 28, 2021

Adding the following templates for Network Policies to accomplish the following:

Default deny any Egress+Ingress to namespace.
Allow haproxy egress to cluster (for kube-dns)
Allow authservice egress to cluster (for kube-dns & customer applications)
Allow istio-ingressgateway ingress to haproxy for VirtualService routing
Allow .Value.selector ingress to authservice for purpose of authservice
allow monitoring app ingress for authservice+alertmanager UIs & istio sidecar metrics scraping
allow ingress from inside package namespace

BB issue 427

Edited May 28, 2021 by Ryan Garcia

Admin message