diff --git a/cp3-networkpolicy/egress/cert-manager/bedrock-egress-ibm-cert-manager-operator.yaml b/cp3-networkpolicy/egress/cert-manager/bedrock-egress-ibm-cert-manager-operator.yaml index d90121f0c..350ee3e5a 100644 --- a/cp3-networkpolicy/egress/cert-manager/bedrock-egress-ibm-cert-manager-operator.yaml +++ b/cp3-networkpolicy/egress/cert-manager/bedrock-egress-ibm-cert-manager-operator.yaml @@ -17,6 +17,20 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-cert-manager-operator" diff --git a/cp3-networkpolicy/egress/license-service-reporter/bedrock-egress-ibm-license-service-reporter-operator.yaml b/cp3-networkpolicy/egress/license-service-reporter/bedrock-egress-ibm-license-service-reporter-operator.yaml index caa904d57..e388dd1a8 100644 --- a/cp3-networkpolicy/egress/license-service-reporter/bedrock-egress-ibm-license-service-reporter-operator.yaml +++ b/cp3-networkpolicy/egress/license-service-reporter/bedrock-egress-ibm-license-service-reporter-operator.yaml @@ -17,6 +17,20 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-license-service-reporter-operator" diff --git a/cp3-networkpolicy/egress/license-service/bedrock-egress-ibm-licensing-operator.yaml b/cp3-networkpolicy/egress/license-service/bedrock-egress-ibm-licensing-operator.yaml index 711ce6a7a..66d78b4f6 100644 --- a/cp3-networkpolicy/egress/license-service/bedrock-egress-ibm-licensing-operator.yaml +++ b/cp3-networkpolicy/egress/license-service/bedrock-egress-ibm-licensing-operator.yaml @@ -22,3 +22,17 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-cloud-native-postgresql.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-cloud-native-postgresql.yaml index 8461887f3..b0856a22a 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-cloud-native-postgresql.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-cloud-native-postgresql.yaml @@ -26,5 +26,19 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default policyTypes: - Egress \ No newline at end of file diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-egress-create-postgres-license-config.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-egress-create-postgres-license-config.yaml index 4cbd29797..5d3e89fa6 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-egress-create-postgres-license-config.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-egress-create-postgres-license-config.yaml @@ -20,5 +20,19 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default policyTypes: - Egress \ No newline at end of file diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-bts-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-bts-operator.yaml index c1289a06b..79705185c 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-bts-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-bts-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: app.kubernetes.io/name: "ibm-bts-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-common-service-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-common-service-operator.yaml index 3c27f3ae8..3b10bc07e 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-common-service-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-common-service-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-common-service-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-commonui-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-commonui-operator.yaml index d77a23c6a..3811b0a87 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-commonui-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-commonui-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-commonui-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-events-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-events-operator.yaml index bf264b882..cca0088ed 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-events-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-events-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-events-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-iam-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-iam-operator.yaml index a9999d3bc..946034ae1 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-iam-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-iam-operator.yaml @@ -33,6 +33,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-iam-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-mongodb-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-mongodb-operator.yaml index 6d3aec899..17674a613 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-mongodb-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-mongodb-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-mongodb-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-namespace-scope-operator.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-namespace-scope-operator.yaml index f1700247a..d941d6554 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-namespace-scope-operator.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-ibm-namespace-scope-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-namespace-scope-operator" diff --git a/cp3-networkpolicy/egress/operators/bedrock-egress-operand-deployment-lifecycle-manager.yaml b/cp3-networkpolicy/egress/operators/bedrock-egress-operand-deployment-lifecycle-manager.yaml index 64e2d84b6..bcb8fbc0e 100644 --- a/cp3-networkpolicy/egress/operators/bedrock-egress-operand-deployment-lifecycle-manager.yaml +++ b/cp3-networkpolicy/egress/operators/bedrock-egress-operand-deployment-lifecycle-manager.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "operand-deployment-lifecycle-manager" diff --git a/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-operator.yaml b/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-operator.yaml index a95edaa73..77f7bbdac 100644 --- a/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-operator.yaml +++ b/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-operator.yaml @@ -26,6 +26,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "ibm-zen-operator" diff --git a/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-setup-job.yaml b/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-setup-job.yaml index 819dea536..6c3340469 100644 --- a/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-setup-job.yaml +++ b/cp3-networkpolicy/egress/operators/zen-egress-ibm-zen-setup-job.yaml @@ -20,5 +20,19 @@ spec: matchLabels: apiserver: 'true' namespaceSelector: {} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default policyTypes: - Egress diff --git a/cp3-networkpolicy/egress/services/bedrock-egress-rhbk-operator.yaml b/cp3-networkpolicy/egress/services/bedrock-egress-rhbk-operator.yaml index 778fb69df..3f78f6c63 100644 --- a/cp3-networkpolicy/egress/services/bedrock-egress-rhbk-operator.yaml +++ b/cp3-networkpolicy/egress/services/bedrock-egress-rhbk-operator.yaml @@ -17,6 +17,20 @@ spec: podSelector: matchLabels: apiserver: "true" + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - port: 5353 + protocol: UDP + - port: 5353 + protocol: TCP + to: + - namespaceSelector: {} + podSelector: + matchLabels: + dns.operator.openshift.io/daemonset-dns: default podSelector: matchLabels: name: "rhbk-operator"