UNCLASSIFIED - NO CUI

Skip to content

[FEAT] - Adding Templates for Network policies

Ryan Garcia requested to merge network-policies into main

Adding the following templates for Network Policies to accomplish the following:

  • Default deny any Egress+Ingress to namespace.
  • Allow haproxy egress to cluster (for kube-dns)
  • Allow authservice egress to cluster (for kube-dns & customer applications)
  • Allow istio-ingressgateway ingress to haproxy for VirtualService routing
  • Allow .Value.selector ingress to authservice for purpose of authservice
  • allow monitoring app ingress for authservice+alertmanager UIs & istio sidecar metrics scraping
  • allow ingress from inside package namespace

BB issue 427

Edited by Ryan Garcia

Merge request reports