shosti/ciliumtest.yaml

## ciliumtest.yaml
---
apiVersion: v1
kind: Namespace
metadata:
  name: ciltestout
---
apiVersion: v1
kind: Namespace
metadata:
  name: ciltestin
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: server
  name: server
  namespace: ciltestin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: server
  template:
    metadata:
      labels:
        app: server
    spec:
      containers:
      - image: nginx
        name: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: server
  name: server
  namespace: ciltestin
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: server
---
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: egress
  namespace: ciltestout
spec:
  endpointSelector:
    matchLabels:
      app: client
  egress:
    - toEndpoints:
        - matchLabels:
            k8s:io.kubernetes.pod.namespace: kube-system
            k8s-app: kube-dns
      toPorts:
        - ports:
            - port: "53"
              protocol: UDP
          rules:
            dns:
              - matchPattern: "*"
    - toEndpoints:
        - matchLabels:
            app: server
          matchExpressions:
            - key: k8s:io.kubernetes.pod.namespace
              operator: In
              values:
                - ciltestin
---
apiVersion: v1
kind: Pod
metadata:
  name: client
  namespace: ciltestout
  labels:
    app: client
spec:
  containers:
    - name: client
      image: curlimages/curl
      command: [sleep, infinity]
	---
	apiVersion: v1
	kind: Namespace
	metadata:
	name: ciltestout
	---
	apiVersion: v1
	kind: Namespace
	metadata:
	name: ciltestin
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	labels:
	app: server
	name: server
	namespace: ciltestin
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: server
	template:
	metadata:
	labels:
	app: server
	spec:
	containers:
	- image: nginx
	name: nginx
	---
	apiVersion: v1
	kind: Service
	metadata:
	labels:
	app: server
	name: server
	namespace: ciltestin
	spec:
	ports:
	- port: 80
	protocol: TCP
	targetPort: 80
	selector:
	app: server
	---
	apiVersion: cilium.io/v2
	kind: CiliumNetworkPolicy
	metadata:
	name: egress
	namespace: ciltestout
	spec:
	endpointSelector:
	matchLabels:
	app: client
	egress:
	- toEndpoints:
	- matchLabels:
	k8s:io.kubernetes.pod.namespace: kube-system
	k8s-app: kube-dns
	toPorts:
	- ports:
	- port: "53"
	protocol: UDP
	rules:
	dns:
	- matchPattern: "*"
	- toEndpoints:
	- matchLabels:
	app: server
	matchExpressions:
	- key: k8s:io.kubernetes.pod.namespace
	operator: In
	values:
	- ciltestin
	---
	apiVersion: v1
	kind: Pod
	metadata:
	name: client
	namespace: ciltestout
	labels:
	app: client
	spec:
	containers:
	- name: client
	image: curlimages/curl
	command: [sleep, infinity]