Fix: Ingress-External NetworkPolicy

projects/ingress-external/manifests/allow-kubeapi.yml

@@ -0,0 +1,14 @@
+apiVersion: "cilium.io/v2"
+kind: CiliumNetworkPolicy
+metadata:
+  name: "traefik-allow-kubeapi"
+spec:
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/name: traefik
+      app.kubernetes.io/instance: ingress-external
+  egress:
+  - toServices:
+    - k8sService:
+        serviceName: kubernetes
+        namespace: default

projects/ingress-external/project.yml

@@ -4,9 +4,9 @@ config:
     config:
       allowNamespace: false
     rules:
-    #- allow-dns
+    - allow-dns
     - allow-ingress-traffic
-    #- allow-external-services
+    - allow-external-services
     #- allow-kubeapi
 
 apps: