Installing network policies for License Service

If you have a deny-all or allow-same-namespace policy in place, import and install network policies for License Service.

Import and install network policies for License Service to work in the following scenarios:

If you do not use deny-all or allow-same-namespace policy, you do not need to import or install network policies.

For more information, see About network policy in Red Hat® OpenShift® Container Platform documentation.

Installing network policies

  1. Install License Service Egress.

    1. Go to the GitHub repository with License Service Egress.
    2. Download all yaml files that are present in this repository.
    3. Make the following adjustments in the .yaml files that you downloaded:

      • Set the namespace under the metadata section to the namespace where License Service is installed.
      • There are two Egress policies for License Service. Adjust the following definitions:
        • For Egress policy for the License Service instance: Make sure that spec.podSelector.matchLabels match the License Service instance pod labels.
        • For Egress policy for the License Service operator: Make sure that spec.podSelector.matchLabels match the License Service operator pod labels.
    4. Apply the files on your cluster by running the following command for each file:

      kubectl apply -f <the-file-name>
      
  2. Install License Service Ingress.

    1. Go to the GitHub repository with License Service Ingress.
    2. Download all yaml files that are present in this repository.
    3. Make the following adjustments in the .yaml files that you downloaded:

      • Set the namespace under the metadata section to the namespace where License Service is installed.
      • Make sure that the spec.podSelector.matchLabels definition matches the labels of the License Service instance pod.
    4. Apply the files on your cluster by running the following command for each file:

      kubectl apply -f <the-file-name>