UNCLASSIFIED - NO CUI

Skip to content

Resolve "Egress Whitelist - Metrics Server"

Steven Donald requested to merge 33-egress-whitelist-metrics-server into main

General MR

Summary

As part of big-bang&160, we will want to enable users to configure setting REGISTRY_ONLY traffic policy on a per-package basis, in addition to allowing for it to be set globally in the meshConfig (see #1886).

Relevant logs/screenshots

(Include any relevant logs/screenshots)

Linked Issue

issue

Upgrade Notices

N/A

Overrides File

networkPolicies:
  # -- Toggle all package NetworkPolicies, can disable specific packages with `package.values.networkPolicies.enabled`
  enabled: false

kyvernoPolicies:
  # -- Toggle deployment of Kyverno policies
  enabled: false 
  values:
    excludeContainers:
    - netshoot

addons:
  metricsServer:
    enabled: true
    git:
      tag: null
      branch: "33-egress-whitelist-metrics-server"
    values:
      podAnnotations:
        sidecar.istio.io/logLevel: debug
      istio:
        enabled: true
        hardened:
          enabled: true
          customServiceEntries: []
          # customServiceEntries:
          #   - name: "google-com-test"
          #     enabled: true
          #     spec:
          #       hosts:
          #         - google.com
          #         - www.google.com
          #       location: MESH_EXTERNAL
          #       ports:
          #         - number: 443
          #           protocol: TLS
          #           name: https
          #       resolution: DNS

Closes #33 (closed)

Edited by Steven Donald

Merge request reports

UNCLASSIFIED - NO CUI