Configuring networkPolicy parameter
Note: We recommend you to use these parameters to configure appropriate network policy which
restricts inbound/outbound connections to strengthen network security.
- Used to configure network policies to control the network traffic flow to and from the application server pods.
The following .yaml file is a sample schema of
networkPolicy
parameter: networkPolicy:
podSelector:
matchLabels:
release: ""
role: ""
policyTypes:
- Ingress
ingress: []
# - from:
# - ipBlock:
# cidr: ""
# except: []
# namespaceSelector:
# matchExpressions:
# - key: ""
# operator: ""
# values: []
# matchLabels: {}
# podSelector:
# matchExpressions:
# - key: ""
# operator: ""
# values: []
# matchLabels: {}
# ports:
# - endPort:
# port: ""
# protocol: ""
# matchExpressions:
# key:
# operator:
# values:
# egress:
# - ports:
# - endPort:
# port: ""
# protocol: ""
# to:
# - ipBlock:
# cidr: ""
# except: []
# namespaceSelector:
# matchExpressions:
# - key: ""
# operator: ""
# values: []
# matchLabels: {}
# podSelector:
# matchExpressions:
# - key: ""
# operator: ""
# values: []
# matchLabels: {}The following table explains the attributes applicable for the
networkPolicy
parameter of OMEnvironment.
| Property | Default value | Value type | Required | Description |
|---|---|---|---|---|
podSelector |
object | Yes | Selects the pods to which this networkPolicyobject applies. For more
information, see Network Policies. |
|
egress |
array | No | List of egress rules to be applied to the selected pods. For more information, see Network Policies. | |
ingress |
array | No | List of ingress rules to be applied to the selected pods. For more information, see Network Policies. | |
policyTypes |
array | No | List of rule types that the NetworkPolicy relates to. Valid options are ["Ingress"], ["Egress"], or ["Ingress","Egress"]. If this field is not specified, it will be by default based on the existence of Ingress or Egress rules. |