apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: name: kube-system-baseline namespace: kube-system spec: endpointSelector: {} ingress: - fromEntities: - cluster - host - remote-node egress: - toEntities: - kube-apiserver - cluster - toEndpoints: - matchLabels: k8s:k8s-app: kube-dns toPorts: - ports: - port: "53" protocol: UDP - port: "53" protocol: TCP