+19In 23R1, if you were asked by your IT SecOps team, what exactly does ifscore.networkpolicy.enabled do?
The documentation just repeats the name of the parameter.
“Set to true to activate network policy”
“Set to true to activate network policy”
(This parameter isn’t listed here.)
(This parameter isn’t listed here.)
“Set to true to activate network policy”
Best answer by Ben Monroe
The easiest way to confirm a Helm setting is to verify the Helm chart definitions.
From the Windows Management PC (the below assumes that the JFrog IFSCloud repository has already been added from a previous installation):
mkdir tmp
cd tmp
helm repo list
helm repo update
helm search repo ifs
helm pull ifscloud/ifs-cloud --untarIn tmp\ifs-cloud\charts\ifscore\templates\network.yaml, there is a Helm if block for when "networkpolicy.enabled" is set.
There are multiple Kubernetes NetworkPolicy resources, each applied to specific matching resources.
They allow / disallow specific traffic: ingress, egress, ports, TCP/UDP, IP range etc.
See Kubernetes documentation for NetworkPolicy for complete details:https://kubernetes.io/docs/concepts/services-networking/network-policies/
You can then list all of the NetworkPolicy resources in your cluster:
kubectl get networkpolicy -AYou can select one of them to view the actual definition and confirm the details in the above NetworkPolicy documentation.
kubectl get networkpolicy/<networkpolicy resource> -n <namespace> -o yamlYou can remove the tmp folder to cleanup if you wish.
Best regards, Ben
The easiest way to confirm a Helm setting is to verify the Helm chart definitions.
From the Windows Management PC (the below assumes that the JFrog IFSCloud repository has already been added from a previous installation):
mkdir tmp
cd tmp
helm repo list
helm repo update
helm search repo ifs
helm pull ifscloud/ifs-cloud --untarIn tmp\ifs-cloud\charts\ifscore\templates\network.yaml, there is a Helm if block for when "networkpolicy.enabled" is set.
There are multiple Kubernetes NetworkPolicy resources, each applied to specific matching resources.
They allow / disallow specific traffic: ingress, egress, ports, TCP/UDP, IP range etc.
See Kubernetes documentation for NetworkPolicy for complete details:https://kubernetes.io/docs/concepts/services-networking/network-policies/
You can then list all of the NetworkPolicy resources in your cluster:
kubectl get networkpolicy -AYou can select one of them to view the actual definition and confirm the details in the above NetworkPolicy documentation.
kubectl get networkpolicy/<networkpolicy resource> -n <namespace> -o yamlYou can remove the tmp folder to cleanup if you wish.
Best regards, Ben
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
