apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: name: znc namespace: irc spec: endpointSelector: matchLabels: app.kubernetes.io/name: znc ingress: - fromEndpoints: - matchLabels: k8s:io.kubernetes.pod.namespace: irc k8s:app.kubernetes.io/name: thelounge toPorts: - ports: - port: "6501" protocol: TCP - fromEntities: - host toPorts: - ports: - port: "6501" protocol: TCP egress: - toEndpoints: - matchLabels: k8s:io.kubernetes.pod.namespace: kube-system k8s:k8s-app: kube-dns toPorts: - ports: - port: "53" protocol: ANY rules: dns: - matchPattern: "*" - toFQDNs: - matchName: "irc.passthepopcorn.me" toPorts: - ports: - port: "6697" protocol: TCP