Network Policy
After you have created the Control Center Service Access Resource, create a network policy to restrict incoming and outgoing traffic.
Following is a sample file for the network policy:
# networkpolicy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: sccm-networkpolicy
  labels:
    app.kubernetes.io/name: sccm
    app.kubernetes.io/instance: sccm
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: sccm
      app.kubernetes.io/instance: sccm
  ingress:
  - from:
    ports:
    - protocol: TCP
      port: <port value given in httpPort in configmap>
    - protocol: TCP
      port: <port value given in webHttpPort in configmap>
    - protocol: TCP
      port: <port value given in httpsPort in configmap>
    - protocol: TCP
      port: <port value given in webHttpsPort in configmap>
  egress:
  - {}
  policyTypes:
  - Ingress
  - Egress
Invoke the following command to create a network policy:
# kubectl create -f networkpolicy.yaml
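In the sample above, the empty `from` field means any source may reach the listed ports, and `egress: - {}` allows all outbound traffic. The following added example (not part of the product documentation) audits a policy exported as JSON for such unrestricted rules; the `audit_policy` helper and the port numbers in the sample are constructed for illustration.

```python
import json

# Constructed sample: the policy above in the JSON shape that
# `kubectl get networkpolicy -o json` uses, with placeholder port numbers.
SAMPLE_POLICY = json.loads("""
{
  "metadata": {"name": "sccm-networkpolicy"},
  "spec": {
    "podSelector": {"matchLabels": {"app.kubernetes.io/name": "sccm"}},
    "ingress": [{"ports": [{"protocol": "TCP", "port": 58080},
                           {"protocol": "TCP", "port": 58443}]}],
    "egress": [{}],
    "policyTypes": ["Ingress", "Egress"]
  }
}
""")

def audit_policy(policy):
    """Return findings for rules that leave peers or ports unrestricted."""
    findings = []
    spec = policy.get("spec", {})
    # When policyTypes is omitted, Ingress applies; Egress only if egress rules exist.
    types = spec.get("policyTypes") or (
        ["Ingress"] + (["Egress"] if spec.get("egress") else []))
    for direction, peer_key in (("Ingress", "from"), ("Egress", "to")):
        if direction not in types:
            findings.append(f"{direction}: not in policyTypes, this policy does not restrict it")
            continue
        for i, rule in enumerate(spec.get(direction.lower()) or []):
            open_peers = not rule.get(peer_key)  # missing or empty = any peer
            open_ports = not rule.get("ports")   # missing or empty = any port
            if open_peers and open_ports:
                findings.append(f"{direction} rule {i}: allows all traffic")
            elif open_peers:
                ports = [p.get("port") for p in rule["ports"]]
                findings.append(f"{direction} rule {i}: any peer on ports {ports}")
            elif open_ports:
                findings.append(f"{direction} rule {i}: all ports for listed peers")
    return findings

if __name__ == "__main__":
    for line in audit_policy(SAMPLE_POLICY):
        print(line)
```

To tighten the policy, add `from` peers (for example a `podSelector`, `namespaceSelector` or `ipBlock`) to the ingress rule and replace the empty egress rule with the destinations the deployment actually needs.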