From 5ed158a69b32e8e0a3b6cf5ccd7d82c645f7944b Mon Sep 17 00:00:00 2001 From: Edward Date: Thu, 21 May 2020 20:54:27 -0700 Subject: [PATCH] Please enter the commit message for your changes. Lines starting Ingress Policies --- network-policies/adservicepolicy.yaml | 17 +++++++ network-policies/cartservicepolicy.yaml | 33 ++++++++++++ network-policies/checkoutservicepolicy.yaml | 16 ++++++ network-policies/currencyservicepolicy.yaml | 34 +++++++++++++ network-policies/emailservicepolicy.yaml | 16 ++++++ network-policies/frontendservicepolicy.yaml | 0 network-policies/paymentservicepolicy.yaml | 16 ++++++ .../productcatalogservicepolicy.yaml | 50 +++++++++++++++++++ .../recommendationservicepolicy.yaml | 16 ++++++ network-policies/shippingservicepolicy.yaml | 33 ++++++++++++ 10 files changed, 231 insertions(+) create mode 100644 network-policies/adservicepolicy.yaml create mode 100644 network-policies/cartservicepolicy.yaml create mode 100644 network-policies/checkoutservicepolicy.yaml create mode 100644 network-policies/currencyservicepolicy.yaml create mode 100644 network-policies/emailservicepolicy.yaml create mode 100644 network-policies/frontendservicepolicy.yaml create mode 100644 network-policies/paymentservicepolicy.yaml create mode 100644 network-policies/productcatalogservicepolicy.yaml create mode 100644 network-policies/recommendationservicepolicy.yaml create mode 100644 network-policies/shippingservicepolicy.yaml diff --git a/network-policies/adservicepolicy.yaml b/network-policies/adservicepolicy.yaml new file mode 100644 index 0000000..bd07518 --- /dev/null +++ b/network-policies/adservicepolicy.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: ad-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: adservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 9555 + diff --git a/network-policies/cartservicepolicy.yaml b/network-policies/cartservicepolicy.yaml new file mode 100644 index 0000000..894de59 --- /dev/null +++ b/network-policies/cartservicepolicy.yaml @@ -0,0 +1,33 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: cart-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: cartservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 7070 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: cart-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: cartservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 7070 diff --git a/network-policies/checkoutservicepolicy.yaml b/network-policies/checkoutservicepolicy.yaml new file mode 100644 index 0000000..dff8f28 --- /dev/null +++ b/network-policies/checkoutservicepolicy.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: checkout-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: checkoutservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 5050 \ No newline at end of file diff --git a/network-policies/currencyservicepolicy.yaml b/network-policies/currencyservicepolicy.yaml new file mode 100644 index 0000000..748f222 --- /dev/null +++ b/network-policies/currencyservicepolicy.yaml @@ -0,0 +1,34 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: currencyservice-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: currencyservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 7000 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: currencyservice-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: currencyservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 7000 +--- \ No newline at end of file diff --git a/network-policies/emailservicepolicy.yaml b/network-policies/emailservicepolicy.yaml new file mode 100644 index 0000000..c4f5d0d --- /dev/null +++ b/network-policies/emailservicepolicy.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: email-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: emailservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 5050 diff --git a/network-policies/frontendservicepolicy.yaml b/network-policies/frontendservicepolicy.yaml new file mode 100644 index 0000000..e69de29 diff --git a/network-policies/paymentservicepolicy.yaml b/network-policies/paymentservicepolicy.yaml new file mode 100644 index 0000000..e0bab5e --- /dev/null +++ b/network-policies/paymentservicepolicy.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: payment-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: paymentservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 50051 \ No newline at end of file diff --git a/network-policies/productcatalogservicepolicy.yaml b/network-policies/productcatalogservicepolicy.yaml new file mode 100644 index 0000000..9788a90 --- /dev/null +++ b/network-policies/productcatalogservicepolicy.yaml @@ -0,0 +1,50 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: product-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: productcatalogservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 3550 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: product-allow-recommend + namespace: default +spec: + podSelector: + matchLabels: + app: productcatalogservice + ingress: + - from: + - podSelector: + matchLabels: + app: recommendationservice + ports: + - port: 3550 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: product-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: productcatalogservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 3550 \ No newline at end of file diff --git a/network-policies/recommendationservicepolicy.yaml b/network-policies/recommendationservicepolicy.yaml new file mode 100644 index 0000000..f6349fc --- /dev/null +++ b/network-policies/recommendationservicepolicy.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: recommendationservice-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: recommendationservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 8080 \ No newline at end of file diff --git a/network-policies/shippingservicepolicy.yaml b/network-policies/shippingservicepolicy.yaml new file mode 100644 index 0000000..00b3e36 --- /dev/null +++ b/network-policies/shippingservicepolicy.yaml @@ -0,0 +1,33 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: shipping-allow-frontend + namespace: default +spec: + podSelector: + matchLabels: + app: shippingservice + ingress: + - from: + - podSelector: + matchLabels: + app: frontend + ports: + - port: 50051 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: shipping-allow-checkout + namespace: default +spec: + podSelector: + matchLabels: + app: shippingservice + ingress: + - from: + - podSelector: + matchLabels: + app: checkoutservice + ports: + - port: 50051 \ No newline at end of file