From 0beb875f430a0a79917b21ca6b4b954cfaadb2c6 Mon Sep 17 00:00:00 2001
From: Edward Cheng <edward@cheng.sydney>
Date: Sun, 9 Jun 2024 12:02:34 +1000
Subject: [PATCH] add cilium network policy for coredns

---
 .../apps/calium/networkpolicies/coredns.yaml  | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 kubernetes/rpi5-cluster/apps/calium/networkpolicies/coredns.yaml

diff --git a/kubernetes/rpi5-cluster/apps/calium/networkpolicies/coredns.yaml b/kubernetes/rpi5-cluster/apps/calium/networkpolicies/coredns.yaml
new file mode 100644
index 0000000..5b7826c
--- /dev/null
+++ b/kubernetes/rpi5-cluster/apps/calium/networkpolicies/coredns.yaml
@@ -0,0 +1,21 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: coredns
+  namespace: kube-system
+spec:
+  endpointSelector:
+    matchLabels:
+      k8s-app: kube-dns
+  egress:
+    - toEntities:
+        - world
+      toPorts:
+        - ports:
+            - port: "53"
+    - toEntities:
+        - host
+        - remote-node
+      toPorts:
+        - ports:
+            - port: "6443"
\ No newline at end of file