fix(dns): Add allow from everywhere network policy

This patch should add an "allow from everywhere" network policy for DNS ports in order to allow the DNS service to function as intended. This workaround is needed since the current network policy blocks all traffic from outside the namespace, resulting in a non-working service.

fix(dns): Add allow from everywhere network policy
586c12d4 · Sheogorath · 77df23c8 · 586c12d4 · 586c12d4
Verified Commit 586c12d4 authored 3 years ago by Sheogorath
--- a/apps/k8s01/dns/kustomization.yaml
+++ b/apps/k8s01/dns/kustomization.yaml
@@ -4,5 +4,6 @@ namespace: dns
 resources:
  - namespace.yaml
  - dns.yaml
+  - networkpolicy.yaml
  - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
  - ../../../shared/resourcequotas/default.yaml
--- a/apps/k8s01/dns/networkpolicy.yaml
+++ b/apps/k8s01/dns/networkpolicy.yaml
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-from-everywhere-to-do53
+spec:
+  podSelector:
+    matchLabels:
+      app: resolver
+  ingress:
+  - from:
+    - ipBlock:
+        cidr: 0.0.0.0/0
+    ports:
+      - protocol: UDP
+        port: 53
+      - protocol: TCP
+        port: 53