k3s-cluster/cluster/apps/management/network_policy.yaml

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: deny-most-allow-some
  namespace: management
spec:
  # Apply to all pods in this namespace
  podSelector: {}
  ingress:
  - from:
    # Allow all pods in this namespace
    - namespaceSelector:
        matchLabels:
          name: "management"

    # Allow traefik pods
    - namespaceSelector:
        matchLabels:
          name: "traefik"

    # Allow all pods with this label
    - podSelector:
        matchLabels:
          needsManagement: "yes"
Add Apache Guacamole 2023-04-11 00:44:45 -04:00			`apiVersion: networking.k8s.io/v1`
			`kind: NetworkPolicy`
			`metadata:`
			`name: deny-most-allow-some`
Move 'utilities' to 'management', add transfersh 2023-04-12 01:30:13 -04:00			`namespace: management`
Add Apache Guacamole 2023-04-11 00:44:45 -04:00			`spec:`
			`# Apply to all pods in this namespace`
			`podSelector: {}`
			`ingress:`
			`- from:`
			`# Allow all pods in this namespace`
			`- namespaceSelector:`
			`matchLabels:`
Move 'utilities' to 'management', add transfersh 2023-04-12 01:30:13 -04:00			`name: "management"`
Add Apache Guacamole 2023-04-11 00:44:45 -04:00
			`# Allow traefik pods`
			`- namespaceSelector:`
			`matchLabels:`
			`name: "traefik"`

			`# Allow all pods with this label`
			`- podSelector:`
			`matchLabels:`
Move 'utilities' to 'management', add transfersh 2023-04-12 01:30:13 -04:00			`needsManagement: "yes"`