How to allow access to kubernetes api using egress network policy?

后端未结

关注

 3  1491

花落未央 2021-02-13 14:36

Init container with kubectl get pod command is used to get ready status of other pod.

After Egress NetworkPolicy was turned on init container can\'t access

3条回答

逝去的感伤 (楼主)

2021-02-13 15:14

You need to get the real ip of the master using 'kubectl get endpoints --namespace default kubernetes' and make an egress policy to allow that.

---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1 
metadata:
  name: allow-apiserver
  namespace: test
spec:
  policyTypes:
  - Egress
  podSelector: {}
  egress:
  - ports:
    - port: 443
      protocol: TCP
    to:
    - ipBlock:
        cidr: x.x.x.x/32

0 讨论(0)

查看其它3个回答