Ctrlk
Page cover
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Create Guard to Allow Ingress

Create Guard to Allow Ingress is used to create a CloudekaGuard will allow incoming traffic to pods with a certain label from pods with other labels that are in a different namespace. Using this syntax, you can control inbound access from permitted clients. You can first run the following syntax to create a YAML file with the name allow-ingress.

nano allow-ingress.yaml

Copy and paste the following YAML contents.

apiVersion: tenants.cloudeka.ai/v1alpha2
kind: CloudekaGuard
metadata:
  name: allow-ingress
  namespace: ns1
spec:
  endpointSelector:
    matchLabels:
      app: web-app
  ingress:
  - fromEndpoints:
    - matchLabels:
        app: client-ns2

After pasting the syntax, save the file by pressing Ctrl + O, then press the Enter key and exit the editor by pressing Ctrl + X. The next step is to apply Cloudeka Guard.

kubectl apply -f allow-ingress.yaml

Last updated