Help Center/
Ubiquitous Cloud Native Service/
User Guide/
Policy Center/
Policy Definition Library/
k8sblockloadbalancer
Updated on 2024-02-01 GMT+08:00
k8sblockloadbalancer
Basic Information
- Policy type: compliance
- Recommended level: L1
- Effective resource type: Service
- Parameter: None
Function
LoadBalancer Services are not allowed.
Policy Example
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sBlockLoadBalancer
metadata:
name: block-load-balancer
spec:
match:
kinds:
- apiGroups: [""]
kinds: ["Service"]
excludedNamespaces:
- "ingress-nginx-private"
- "ingress-nginx-public"
Resource Definition That Complies with the Policy
The service type is not LoadBalancer, which complies with the policy instance.
apiVersion: v1
kind: Service
metadata:
name: my-service-allowed
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
Resource Definition That Does Not Comply with the Policy
The service type is LoadBalancer, which does not comply with the policy instance.
apiVersion: v1
kind: Service
metadata:
name: my-service-disallowed
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 80
nodePort: 30007
Parent topic: Policy Definition Library
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
