mirror of https://github.com/easzlab/kubeasz.git
docs: fix pic and yaml path
Zachary
jmgao
parent
779712e2d0
commit
7df3331236
|
|
@ -30,9 +30,9 @@
|
|||
- pod/tiefighter:作为“帝国”方的常规战斗飞船,它会调用上述 HTTP 接口,请求登陆“死星”;
|
||||
- pod/xwing:作为“盟军”方的飞行舰,它也尝试调用 HTTP 接口,请求登陆“死星”;
|
||||
|
||||
|
||||
|
||||
|
||||
根据文件[http-sw-app.yaml](../roles/cilium/files/star_war_example/http-sw-app.yaml) 创建 `$ kubectl create -f http-sw-app.yaml` 后,验证如下:
|
||||
根据文件[http-sw-app.yaml](../../../roles/cilium/files/star_war_example/http-sw-app.yaml) 创建 `$ kubectl create -f http-sw-app.yaml` 后,验证如下:
|
||||
|
||||
``` bash
|
||||
$ kubectl get pods,svc
|
||||
|
|
@ -86,9 +86,9 @@ Ship landed # 成功着陆
|
|||
|
||||
现在我们应用策略,仅让带有标签 `org=empire`的飞船登陆“死星”;那么带有标签 `org=alliance`的“联盟”飞船将禁止登陆;这个就是我们熟悉的传统L3/L4 防火墙策略,并跟踪连接(会话)状态;
|
||||
|
||||
|
||||
|
||||
|
||||
根据文件[sw_l3_l4_policy.yaml](../roles/cilium/files/star_war_example/sw_l3_l4_policy.yaml) 创建 `$ kubectl apply -f sw_l3_l4_policy.yaml` 后,验证如下:
|
||||
根据文件[sw_l3_l4_policy.yaml](../../../roles/cilium/files/star_war_example/sw_l3_l4_policy.yaml) 创建 `$ kubectl apply -f sw_l3_l4_policy.yaml` 后,验证如下:
|
||||
|
||||
``` bash
|
||||
$ kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
|
||||
|
|
@ -146,9 +146,9 @@ main.main()
|
|||
temp/main.go:5 +0x85
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
限制L7 的安全策略,根据文件[sw_l3_l4_l7_policy.yaml](../roles/cilium/files/star_war_example/sw_l3_l4_l7_policy.yaml) 创建 `$ kubectl apply -f sw_l3_l4_l7_policy.yaml` 后,验证如下:
|
||||
限制L7 的安全策略,根据文件[sw_l3_l4_l7_policy.yaml](../../../roles/cilium/files/star_war_example/sw_l3_l4_l7_policy.yaml) 创建 `$ kubectl apply -f sw_l3_l4_l7_policy.yaml` 后,验证如下:
|
||||
|
||||
``` bash
|
||||
$ kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
|
||||
|
|
|
|||
Loading…
Reference in New Issue