Create Guard to Allow Ingress
Create Guard to Allow Ingress is used to create a CloudekaGuard will allow incoming traffic to pods with a certain label from pods with other labels that are in a different namespace. Using this syntax, you can control inbound access from permitted clients. You can first run the following syntax to create a YAML file with the name allow-ingress.
nano allow-ingress.yaml
Copy and paste the following YAML contents.
apiVersion: tenants.cloudeka.ai/v1alpha2
kind: CloudekaGuard
metadata:
name: allow-ingress
namespace: ns1
spec:
endpointSelector:
matchLabels:
app: web-app
ingress:
- fromEndpoints:
- matchLabels:
app: client-ns2
After pasting the syntax, save the file by pressing Ctrl + O, then press the Enter key and exit the editor by pressing Ctrl + X. The next step is to apply Cloudeka Guard.
kubectl apply -f allow-ingress.yaml
Last updated