Skip to content

Commit

Permalink
examples: Allow remote nodes in host policy example
Browse files Browse the repository at this point in the history 
To be on the safe side and avoid breaking the cluster, we can allow
remote nodes and the health endpoint. Without this, we will at least
drop some ICMP probes.

Signed-off-by: Paul Chaignon <paul@cilium.io>
  • Loading branch information
@pchaigno @qmonnet
pchaigno authored and qmonnet committed Jul 20, 2020
1 parent 789abf5 commit e931b3c
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions examples/policies/host/lock-down-ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ spec:
matchLabels:
type: ingress-worker
ingress:
- fromEntities:
- remote-node
- health
- toPorts:
- ports:
- port: "6443"
Expand Down

0 comments on commit e931b3c

Please sign in to comment.