我尝试通过Calico Client Go将Calico网络策略应用于Kubernetes。但是我遇到了一些错误。下面是我的Golang代码。
package main
import (
"github.com/projectcalico/libcalico-go/lib/apiconfig"
api "github.com/projectcalico/libcalico-go/lib/apis/v1"
"github.com/projectcalico/libcalico-go/lib/client"
)
func main() {
cli, err := client.New(apiconfig.CalicoAPIConfig{
Spec: apiconfig.CalicoAPIConfigSpec{
DatastoreType: apiconfig.Kubernetes,
KubeConfig: apiconfig.KubeConfig{
Kubeconfig: "conf/kube_config_cluster.yml",
},
},
})
if err != nil {
panic(err)
}
policies := cli.Policies()
_, err = policies.Apply(&api.Policy{
Metadata: api.PolicyMetadata{
Name: "init-policy",
},
Spec: api.PolicySpec{
Types: []api.PolicyType{
api.PolicyTypeIngress,
api.PolicyTypeEgress,
},
IngressRules: []api.Rule{
{
Action: "allow",
Source: api.EntityRule{
Selector: "app == 'hello-node-0'",
},
},
},
EgressRules: []api.Rule{
{
Action: "allow",
Destination: api.EntityRule{
Selector: "app == 'hello-node-1'",
},
},
},
},
})
if err != nil {
panic(err)
}
}
我收到错误消息:Policy(name = init-policy)不支持创建操作
另一种通过Golang代码将Calico网络策略应用于Kubernetes的解决方案。我尝试使用Kube客户端,但未成功。