#99: "Add custom network policies"

General MR

Summary

Adds support to Fluentbit for custom network policies via values yaml.

This depends on big-bang/bigbang!4184 (merged) for a documentation reference

Relevant logs/screenshots

Given overrides like this

fluentbit:
  enabled: true
  sourceType: "git"
  git:
    repo: https://repo1.dso.mil/big-bang/product/packages/fluentbit.git
    path: "./chart"
    tag: null
    branch: "99-add-custom-network-policies"
  values:
    networkPolicies:
      enabled: true
      additionalPolicies:
      - name: this-is-a-fluentbit-operator-job-test-test
        spec:
          podSelector: {}
          policyTypes:
          - Egress
          egress:
          - to:
            - ipBlock:
                cidr: 172.20.0.0/12
      - name: this-is-a-zwei-fluentbit-operator-job-test-test
        spec:
          podSelector: {}
          policyTypes:
          - Ingress
          ingress:
          - from:
            - ipBlock:
                cidr: 172.20.0.0/12

We get network policies like this (new ones at the bottom):

$ kubectl get networkpolicies -n fluentbit
NAME                                              POD-SELECTOR                        AGE
allow-intra-namespace                             app.kubernetes.io/name=fluent-bit   15s
allow-dns-lookups                                 app.kubernetes.io/name=fluent-bit   15s
allow-loki-egress-fluentbit                       app.kubernetes.io/name=fluent-bit   15s
allow-to-istiod                                   app.kubernetes.io/name=fluent-bit   15s
allow-api-egress-fluentbit                        app.kubernetes.io/name=fluent-bit   15s
allow-fluentbit-sidecar-scraping                  app.kubernetes.io/name=fluent-bit   15s
allow-tempo-egress-fluentbit                      <none>                              15s
allow-prometheus                                  app.kubernetes.io/name=fluent-bit   15s

this-is-a-zwei-fluentbit-operator-job-test-test   <none>                              15s
this-is-a-fluentbit-operator-job-test-test        <none>                              15s

Linked Issue

Closes #99 (closed)

Upgrade Notices

N/A

Closes #99 (closed)

changed milestone to %2.26.0

assigned to @akesterson

added 1 commit

• 2b7bab0e - #99 (closed) : Add custom network policies

Compare with previous version

changed the description

marked this merge request as ready

changed title from Draft: Resolve "Add custom network policies" to #99: "Add custom network policies"

changed the description

added statusreview label

requested review from @steven.donald, @kliu, @jimmyungerman, @piotr.machaj, @blairbowden, and @w.griffing

added teamObservability label

changed the description

approved this merge request

Approved but can't merge until big-bang/bigbang!4184 (merged) is merged it appears

Edit: unapproved until namespace question is resolved

unapproved this merge request

resolved all threads

approved this merge request

added 7 commits

• 2b7bab0e...8b52e48b - 6 commits from branch main
• 8b1696de - #99 (closed) : Add custom network policies

Compare with previous version

reset approvals from @jimmyungerman by pushing to the branch

changed milestone to %2.27.0

approved this merge request

mentioned in commit 9552f35c

merged

mentioned in merge request big-bang/bigbang!4244 (merged)