2

I have a application running with kubernetes orchestrator. I want to implement calico network policy based on domain name Regex matching. I am seeing in calico doc that they are using ip range(CIDR) to control incoming and outgoing calls.
Can same thing be done using domain name regex matching instead of CIDR ? Some example would be helpful.

For instance I want my calico network policy to allow ingress call for domain:

"^.+\\.app\\.ubuntu\\.net$ ^.+\\.aws-tools.org$ ^local\\.aws-tools\\.org$"
solveit
  • 255
  • 2
  • 11

1 Answers1

1

As per the official Calico documentation regex matching is only used for interface selection: interface=INTERFACE-REGEX and skip-interface=INTERFACE-REGEX. Considering that regex matching for interface selection has been implemented after a feature request you can always create a feature request for domain name regex matching here.