180076c899
Currently the netpol overrides in keystone have the old v2 admin port defined. This is no longer needed since keystone v2 has been long removed. Change-Id: Iaed37bad01e621e95b9d1493eb8fcf2ec19a3526
70 lines
1.7 KiB
YAML
70 lines
1.7 KiB
YAML
---
|
|
manifests:
|
|
network_policy: true
|
|
network_policy:
|
|
keystone:
|
|
ingress:
|
|
- from:
|
|
- podSelector:
|
|
matchLabels:
|
|
application: ceph
|
|
- podSelector:
|
|
matchLabels:
|
|
application: ingress
|
|
- podSelector:
|
|
matchLabels:
|
|
application: keystone
|
|
- podSelector:
|
|
matchLabels:
|
|
application: heat
|
|
- podSelector:
|
|
matchLabels:
|
|
application: glance
|
|
- podSelector:
|
|
matchLabels:
|
|
application: cinder
|
|
- podSelector:
|
|
matchLabels:
|
|
application: barbican
|
|
- podSelector:
|
|
matchLabels:
|
|
application: ceilometer
|
|
- podSelector:
|
|
matchLabels:
|
|
application: horizon
|
|
- podSelector:
|
|
matchLabels:
|
|
application: ironic
|
|
- podSelector:
|
|
matchLabels:
|
|
application: magnum
|
|
- podSelector:
|
|
matchLabels:
|
|
application: mistral
|
|
- podSelector:
|
|
matchLabels:
|
|
application: nova
|
|
- podSelector:
|
|
matchLabels:
|
|
application: neutron
|
|
- podSelector:
|
|
matchLabels:
|
|
application: senlin
|
|
- podSelector:
|
|
matchLabels:
|
|
application: placement
|
|
- podSelector:
|
|
matchLabels:
|
|
application: prometheus-openstack-exporter
|
|
ports:
|
|
- protocol: TCP
|
|
port: 5000
|
|
egress:
|
|
- to:
|
|
- ipBlock:
|
|
cidr: %%%REPLACE_API_ADDR%%%/32
|
|
ports:
|
|
- protocol: TCP
|
|
port: %%%REPLACE_API_PORT%%%
|
|
...
|