246bfdb85c
The traffic from/to the longhorn webhook server is the kube-apiserver. The only way we could add restriction is to add the network policy of the ingress port because we can't know each Kubernetes distro default kube-apiserver Pod's label. Therefore, we can't add the label selector in the network policy rule to restrict the traffic that comes from the kube-apiserver is able to access to the longhorn webhook server. Longhorn 3513 Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com> (cherry picked from commit 769e85bc80b6351a081a79ddf83ab181cf956e23) |
||
|---|---|---|
| .. | ||
| backing-image-data-source-network-policy.yaml | ||
| backing-image-manager-network-policy.yaml | ||
| instance-manager-networking.yaml | ||
| manager-network-policy.yaml | ||
| ui-network-policy.yaml | ||
| webhook-network-policy.yaml | ||