1apiVersion: policy.linkerd.io/v1beta1
2kind: Server
3metadata:
4 name: k8s-gateway-metrics
5spec:
6 port: metrics
7 podSelector:
8 matchLabels:
9 platform.edge.ncr.com/component: k8s-gateway
10 proxyProtocol: HTTP/1
11---
12apiVersion: policy.linkerd.io/v1beta1
13kind: ServerAuthorization
14metadata:
15 name: k8s-gateway-metrics
16spec:
17 client:
18 meshTLS:
19 serviceAccounts:
20 - name: prometheus
21 namespace: prometheus
22 server:
23 name: k8s-gateway-metrics
24---
25apiVersion: policy.linkerd.io/v1beta1
26kind: Server
27metadata:
28 name: k8s-gateway-tcp
29spec:
30 port: 53
31 podSelector:
32 matchLabels:
33 k8s-app: excoredns
34 platform.edge.ncr.com/component: k8s-gateway
35 proxyProtocol: opaque
36---
37apiVersion: policy.linkerd.io/v1alpha1
38kind: AuthorizationPolicy
39metadata:
40 name: k8s-gateway-tcp
41spec:
42 requiredAuthenticationRefs:
43 - name: cluster-network
44 kind: NetworkAuthentication
45 group: policy.linkerd.io
46 targetRef:
47 name: k8s-gateway-tcp
48 kind: Server
49 group: policy.linkerd.io
50---
51apiVersion: policy.linkerd.io/v1alpha1
52kind: NetworkAuthentication
53metadata:
54 name: cluster-network
55spec:
56 networks:
57 - cidr: 0.0.0.0/0
View as plain text