Update BB-Common and Updated default egress Network Policies
General MR
Summary
- Updated bb-common version
- Updated default egress netpols
Relevant logs/screenshots
Previous Network Policies:
NAME POD-SELECTOR AGE
allow-egress-from-velero-to-kubeapi app.kubernetes.io/name=velero 7m34s
allow-egress-from-velero-to-ns-minio-pod-minio-instance-tcp-port-9000 app.kubernetes.io/name=velero 7m34s
allow-egress-from-velero-to-ns-tempo-pod-tempo-tcp-port-9411 app.kubernetes.io/name=velero 7m34s
allow-egress-from-velero-to-storage-subnets app.kubernetes.io/name=velero 7m34s
allow-ingress-to-velero-tcp-port-8085-from-ns-monitoring-pod-prometheus app.kubernetes.io/name=velero 7m34s
default-egress-allow-all-in-ns <none> 7m34s
default-egress-allow-istiod <none> 7m34s
default-egress-allow-kube-dns <none> 7m34s
default-egress-deny-all <none> 7m34s
default-ingress-allow-all-in-ns <none> 7m34s
default-ingress-allow-prometheus-to-istio-sidecar <none> 7m34s
default-ingress-deny-all <none> 7m34sUpdated Network Policies:
NAME POD-SELECTOR AGE
allow-egress-from-any-pod-to-kubeapi <none> 9s
allow-egress-from-any-pod-to-ns-tempo-pod-tempo-tcp-port-9411 <none> 9s
allow-egress-from-velero-to-ns-minio-pod-minio-instance-tcp-port-9000 app.kubernetes.io/name=velero 8m49s
allow-egress-from-velero-to-storage-subnets app.kubernetes.io/name=velero 8m49s
allow-ingress-to-velero-tcp-port-8085-from-ns-monitoring-pod-prometheus app.kubernetes.io/name=velero 8m49s
default-egress-allow-all-in-ns <none> 8m49s
default-egress-allow-istiod <none> 8m49s
default-egress-allow-kube-dns <none> 8m49s
default-egress-deny-all <none> 8m49s
default-ingress-allow-all-in-ns <none> 8m49s
default-ingress-allow-prometheus-to-istio-sidecar <none> 8m49s
default-ingress-deny-all <none> 8m49sLinked Issue
Upgrade Notices
N/A
Umbrella Branch
velero-netpol-update
Edited by Jimmy Bourque