Calico network policy in Kubernetes based on Domain name Regex Matching
I have an application running with the Kubernetes orchestrator. I want to implement a Calico network policy based on domain name regex matching. I see in the Calico docs that they use IP ranges (CIDR) to control incoming and outgoing calls.
Can the same thing be done using domain name regex matching instead of CIDR? Some examples would be helpful.
For instance, I want my Calico network policy to allow ingress calls for the domains:
"^.+\\.app\\.ubuntu\\.net$ ^.+\\.aws-tools.org$ ^local\\.aws-tools\\.org$"
Solution 1:
As per the official Calico documentation, regex matching is only used for interface selection: interface=INTERFACE-REGEX and skip-interface=INTERFACE-REGEX. Considering that regex matching for interface selection was implemented after a feature request, you can always create a feature request for domain name regex matching here.