Skip to content
/ calico-globalnetworkpolicy Public

Initial Calico Global Network Policies for Kubernetes Cluster

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hosseinsalahi/calico-globalnetworkpolicy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

k8s-apps

k8s-apps

 
 

README.md

README.md

 
 

allow-coredns.yaml

allow-coredns.yaml

 
 

allow-dns-egress.yaml

allow-dns-egress.yaml

 
 

allow-kube-system.yaml

allow-kube-system.yaml

 
 

deny-all.yaml

deny-all.yaml

 
 

Repository files navigation

Calico Global Network Policy for k8s

Minikube Setup

minikube start \
 --extra-config=kubelet.network-plugin=cni \
 --extra-config=kubelet.pod-cidr=10.123.0.0/16 \
 --extra-config=controller-manager.allocate-node-cidrs=true \
 --extra-config=controller-manager.cluster-cidr=10.123.0.0/16 \
 --memory 8192

Deploy Calico

kubectl create -f k8s-apps/calico.yaml

Apply Initial Network Policies

kubectl label namespaces kube-system name=kube-system
calicoctl create -f deny-all.yaml
calicoctl create -f allow-coredns.yaml
calicoctl create -f allow-dns-egress.yaml
calicoctl create -f allow-kube-system.yaml

Debug k8s Networking with Busybox

kubectl create -f k8s-apps/busybox.yaml

About

Initial Calico Global Network Policies for Kubernetes Cluster

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published