sec: NetworkPolicy egress restrito (intra-ns + DNS)

ATM Platform
2026-06-15 23:59:07 +00:00
parent 9a57709d69
commit ff9c0e88bf
2 changed files with 18 additions and 2 deletions
+9 -1
@@ -52,4 +52,12 @@ spec:
matchLabels:
kubernetes.io/metadata.name: kube-system
egress:
- {}
- to: # intra-namespace (postgres, keycloak)
- podSelector: {}
- to: # DNS (CoreDNS em kube-system)
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
ports:
- { protocol: UDP, port: 53 }
- { protocol: TCP, port: 53 }
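Review bot: The DNS rule's `to` selects every pod in kube-system, and the intra-namespace rule has no `ports`, so both allow more than their comments describe. For DNS, a pod selector added as a sibling key of `namespaceSelector` in the same list item (no new `-`, so the two are ANDed) would narrow it to the resolver, e.g. `podSelector: { matchLabels: { k8s-app: kube-dns } }`, assuming CoreDNS in this cluster carries that usual label. For the intra-namespace rule, a `ports` list restricted to the Postgres and Keycloak listeners would stop a compromised pod from reaching every port of its neighbours. The same two rules appear in the second hunk (`@@ -56,4 +56,12 @@`). The policy's `podSelector` and `policyTypes` lie outside the hunk; if `policyTypes` is set there, it needs to include `Egress` for these rules to be enforced.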
@@ -56,4 +56,12 @@ spec:
matchLabels:
kubernetes.io/metadata.name: kube-system # Traefik (ingress)
egress:
- {} # egress liberado (DNS, Postgres, internet)
- to: # intra-namespace (postgres, keycloak)
- podSelector: {}
- to: # DNS (CoreDNS em kube-system)
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
ports:
- { protocol: UDP, port: 53 }
- { protocol: TCP, port: 53 }
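Review bot: The rule being replaced was annotated as also covering internet egress, and nothing in the new block records that dropping it is intentional. With the new rules, traffic leaving the namespace is limited to port 53 towards kube-system, so any workload under this policy that calls an external endpoint or the Kubernetes API would start timing out; whether one does cannot be seen from the hunk. A comment above `egress:` would document the intent, e.g. `# default-deny egress: only same-namespace pods and DNS in kube-system; no internet or API-server access`. If the cluster uses a node-local DNS cache, its address would probably also need an `ipBlock` entry, which is worth checking against the CNI in use.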