mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 00:48:01 +01:00
42 lines
1.4 KiB
Plaintext
42 lines
1.4 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/network_policy/creating-network-policy.adoc
|
|
// * networking/network_policy/viewing-network-policy.adoc
|
|
// * networking/network_policy/editing-network-policy.adoc
|
|
// * post_installation_configuration/network-configuration.adoc
|
|
// * microshift_networking/microshift-creating-network-policy.adoc
|
|
// * microshift_networking/microshift-network-policy/microshift-editing-network-policy.adoc
|
|
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="nw-networkpolicy-object_{context}"]
|
|
= Example NetworkPolicy object
|
|
|
|
The following annotates an example NetworkPolicy object:
|
|
|
|
[source,yaml]
|
|
----
|
|
kind: NetworkPolicy
|
|
apiVersion: networking.k8s.io/v1
|
|
metadata:
|
|
name: allow-27107 <1>
|
|
spec:
|
|
podSelector: <2>
|
|
matchLabels:
|
|
app: mongodb
|
|
ingress:
|
|
- from:
|
|
- podSelector: <3>
|
|
matchLabels:
|
|
app: app
|
|
ports: <4>
|
|
- protocol: TCP
|
|
port: 27017
|
|
----
|
|
<1> The name of the NetworkPolicy object.
|
|
<2> A selector that describes the pods to which the policy applies.
|
|
ifndef::microshift[]
|
|
The policy object can only select pods in the project that defines the NetworkPolicy object.
|
|
endif::microshift[]
|
|
<3> A selector that matches the pods from which the policy object allows ingress traffic. The selector matches pods in the same namespace as the NetworkPolicy.
|
|
<4> A list of one or more destination ports on which to accept traffic.
|