#99: "Add custom network policies"
General MR
Summary
Adds support to Fluentbit for custom network policies via values yaml.
This depends on big-bang/bigbang!4184 (merged) for a documentation reference
Relevant logs/screenshots
Given overrides like this
fluentbit:
enabled: true
sourceType: "git"
git:
repo: https://repo1.dso.mil/big-bang/product/packages/fluentbit.git
path: "./chart"
tag: null
branch: "99-add-custom-network-policies"
values:
networkPolicies:
enabled: true
additionalPolicies:
- name: this-is-a-fluentbit-operator-job-test-test
spec:
podSelector: {}
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 172.20.0.0/12
- name: this-is-a-zwei-fluentbit-operator-job-test-test
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- ipBlock:
cidr: 172.20.0.0/12We get network policies like this (new ones at the bottom):
$ kubectl get networkpolicies -n fluentbit
NAME POD-SELECTOR AGE
allow-intra-namespace app.kubernetes.io/name=fluent-bit 15s
allow-dns-lookups app.kubernetes.io/name=fluent-bit 15s
allow-loki-egress-fluentbit app.kubernetes.io/name=fluent-bit 15s
allow-to-istiod app.kubernetes.io/name=fluent-bit 15s
allow-api-egress-fluentbit app.kubernetes.io/name=fluent-bit 15s
allow-fluentbit-sidecar-scraping app.kubernetes.io/name=fluent-bit 15s
allow-tempo-egress-fluentbit <none> 15s
allow-prometheus app.kubernetes.io/name=fluent-bit 15s
this-is-a-zwei-fluentbit-operator-job-test-test <none> 15s
this-is-a-fluentbit-operator-job-test-test <none> 15sLinked Issue
Closes #99 (closed)
Upgrade Notices
N/A
Closes #99 (closed)
Edited by Jimmy Ungerman