apiVersion: "cilium.io/v2" kind: CiliumNetworkPolicy metadata: name: "cilium-policy-allow-dns" namespace: public-xray spec: endpointSelector: matchLabels: app.kubernetes.io/instance: server-xray-public app.kubernetes.io/name: server-xray egress: - toPorts: - ports: - port: "53" protocol: ANY - toCIDR: - 1.1.1.1/32