Kubernetes: How to create an Ingress-type NetworkPolicy that only allows access from labeled pods



I have the following deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: redis
  name: redis
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redis
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: redis
    spec:
      containers:
      - image: redis:alpine
        name: redis
        resources: {}
status: {}

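Question 1: How do I expose this deployment through a ClusterIP service on port 8080?

Question 2: How do I create a new Ingress-type NetworkPolicy that only allows pods with the label access=redis to access the deployment?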

Service
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: redis
  ports:
  - protocol: TCP
    port: 8080
    targetPort: 6379

NetworkPolicy
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: test-network-policy
spec:
  podSelector:
    matchLabels:
      app: redis
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          access: redis
    ports:
    - protocol: TCP
      port: 6379
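
To see which connections the NetworkPolicy above admits, here is an added example (not part of the original answer and not Kubernetes code) that models its ingress rule in Python and evaluates it against constructed sample pods. It assumes the policy lives in the `default` namespace, which the manifests do not state, and the function names and sample pods are hypothetical.

```python
# Simplified model of NetworkPolicy ingress evaluation (added example).
# Handles only podSelector.matchLabels peers and numeric ports; no
# namespaceSelector, ipBlock, matchExpressions or named ports.
POLICY = {  # the NetworkPolicy from the answer, written as a Python dict
    "metadata": {"name": "test-network-policy", "namespace": "default"},  # namespace assumed
    "spec": {
        "podSelector": {"matchLabels": {"app": "redis"}},
        "policyTypes": ["Ingress"],
        "ingress": [{
            "from": [{"podSelector": {"matchLabels": {"access": "redis"}}}],
            "ports": [{"protocol": "TCP", "port": 6379}],
        }],
    },
}

def labels_match(selector, labels):
    """matchLabels semantics: every selector key/value must be on the pod."""
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())

def ingress_allowed(policy, src, dst, port, protocol="TCP"):
    """True if src -> dst:port is permitted as far as this one policy is concerned."""
    ns = policy["metadata"]["namespace"]
    spec = policy["spec"]
    # Pods the policy does not select are not isolated by it.
    if dst["namespace"] != ns or not labels_match(spec["podSelector"], dst["labels"]):
        return True
    for rule in spec.get("ingress", []):
        # A bare podSelector peer matches only pods in the policy's own namespace.
        peer_ok = not rule.get("from") or any(
            src["namespace"] == ns and labels_match(p["podSelector"], src["labels"])
            for p in rule["from"] if set(p) == {"podSelector"})
        # ports name the pod's port (6379), not the Service port (8080).
        port_ok = not rule.get("ports") or any(
            p.get("protocol", "TCP") == protocol and p["port"] == port
            for p in rule["ports"])
        if peer_ok and port_ok:  # "from" and "ports" in one rule are ANDed
            return True
    return False  # selected pod, no rule matched: denied

# Constructed sample pods
REDIS = {"namespace": "default", "labels": {"app": "redis"}}
CLIENT_OK = {"namespace": "default", "labels": {"access": "redis"}}
CLIENT_NO_LABEL = {"namespace": "default", "labels": {"app": "web"}}
CLIENT_OTHER_NS = {"namespace": "staging", "labels": {"access": "redis"}}
```

A client that connects to `my-service:8080` still reaches the pod on 6379 after Service translation, which is why the policy lists 6379 and not 8080.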
