asm-ingress - Add `NetworkPolicies` and `AuthorizationPolicies` - Githubissues

mathieu-benoit / my-kubernetes-deployments

0 stars 0 forks source link

asm-ingress - Add `NetworkPolicies` and `AuthorizationPolicies` #11

Closed mathieu-benoit closed 3 years ago

mathieu-benoit commented 3 years ago

And mTLS?

mathieu-benoit commented 3 years ago

mTLS done here https://github.com/mathieu-benoit/my-kubernetes-deployments/commit/9d98116d4bb81b80b0b36af691ea638327142d4e

mathieu-benoit commented 3 years ago

AuthorizationPolicies done here https://github.com/mathieu-benoit/my-kubernetes-deployments/commit/9510964bbde8e89bec2af069cabfe50a35326b63

mathieu-benoit commented 3 years ago

NetworkPolicies done here https://github.com/mathieu-benoit/my-kubernetes-deployments/commit/3b4760845003cc6d67a9acb469d4daba36e84003 and here https://github.com/mathieu-benoit/my-kubernetes-deployments/commit/a8b2b24d26e9feaf328eb98b7311acd89820dea3

mathieu-benoit commented 3 years ago

asm-ingressgateway pod needs to access the outside world: https://github.com/mathieu-benoit/my-kubernetes-deployments/commit/b951185a2a09e70b03086abbc0f3099085f91386

To avoid error messages like:

warn    Error fetching GCP zone: Get "http://metadata.google.internal/computeMetadata/v1/instance/zone": dial tcp: i/o timeout

or accessing the kube-dns in kube-system.