networkpolicy-controller

This component blocks access to common metadata IP address used within cloud providers by forcing the following network policy into all namespaces except kube-system.

Example policy

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-all-except-metadata
spec:
  podSelector: {}
  egress:
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
        except: 
        - 169.254.169.254/32
  policyTypes:
  - Egress

Install

kubectl apply -f https://raw.githubusercontent.com/ElisaOyj/networkpolicy-controller/master/manifests/deploy.yaml

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
cmd		cmd
hack		hack
manifests		manifests
pkg/controller		pkg/controller
vendor		vendor
.dockerignore		.dockerignore
.drone.yml		.drone.yml
.gitignore		.gitignore
Dockerfile		Dockerfile
Gopkg.lock		Gopkg.lock
Gopkg.toml		Gopkg.toml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

networkpolicy-controller

Install

About

Releases

Packages

Languages

License

cisco-sso/networkpolicy-controller

Folders and files

Latest commit

History

Repository files navigation

networkpolicy-controller

Install

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages