I am using GKE and I want to write some network policies, but as soon as I add the following Policy I get this error:
url.Error Get "http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/scopes
When I delete the policy everything works.
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: {{ template "name" . }}
spec:
  podSelector:
    matchLabels:
      app: {{ template "name" . }}
  policyTypes:
  - Egress
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    - port: 443
      protocol: TCP
    - port: 3307
      protocol: TCP
    - port: 3306
      protocol: TCP
  - to:
    - ipBlock:
        cidr: 169.254.169.254/32
Here is the working solution:
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: {{ template "name" . }}
spec:
  podSelector:
    matchLabels:
      app: {{ template "name" . }}
  policyTypes:
  - Egress
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    - port: 443
      protocol: TCP
    - port: 3307
      protocol: TCP
  - to:
    - ipBlock:
        cidr: 169.254.169.252/32
    ports:
    - protocol: TCP
      port: 988
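To see exactly which flows each of the two policies above admits, here is an added example (not part of the original question or answer) that evaluates their egress rules the way Kubernetes does: a flow passes if any rule matches, and a rule with no `to` or no `ports` matches every destination or every port. It models only `ipBlock` and `ports`; the function names and the `10.0.0.5` address are assumptions made for illustration.

```python
import ipaddress

# Egress rules transcribed from the two policies above (constructed Python
# form of the YAML; all names here are hypothetical).
PORTS_COMMON = [(53, "UDP"), (53, "TCP"), (443, "TCP"), (3307, "TCP")]
QUESTION_POLICY = [
    {"ports": PORTS_COMMON + [(3306, "TCP")]},
    {"to": ["169.254.169.254/32"]},
]
ANSWER_POLICY = [
    {"ports": PORTS_COMMON},
    {"to": ["169.254.169.252/32"], "ports": [(988, "TCP")]},
]


def rule_allows(rule, ip, port, proto):
    """A rule matches when both its 'to' and 'ports' parts match.
    A missing part matches everything (all destinations / all ports)."""
    to_ok = "to" not in rule or any(
        ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)
        for cidr in rule["to"]
    )
    ports_ok = "ports" not in rule or (port, proto) in rule["ports"]
    return to_ok and ports_ok


def egress_allowed(policy, ip, port, proto="TCP"):
    """Egress is allowed if any rule in the policy allows it."""
    return any(rule_allows(r, ip, port, proto) for r in policy)


def compare(flows):
    """Return {flow: (allowed_by_question, allowed_by_answer)}."""
    return {
        f: (egress_allowed(QUESTION_POLICY, *f), egress_allowed(ANSWER_POLICY, *f))
        for f in flows
    }


# Constructed sample flows: the metadata URL from the error (HTTP, port 80),
# the address/port from the answer, and ports 3306/3307 to a made-up host.
FLOWS = [
    ("169.254.169.254", 80, "TCP"),
    ("169.254.169.252", 988, "TCP"),
    ("10.0.0.5", 3306, "TCP"),
    ("10.0.0.5", 3307, "TCP"),
]

if __name__ == "__main__":
    for flow, (q, a) in compare(FLOWS).items():
        print(flow, "question:", q, "answer:", a)
```

The comparison also surfaces that the working policy no longer lists port 3306, so any pod that relied on that rule loses that egress path.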