---
apiVersion: v1
kind: Namespace
metadata:
  name: tavro-cloud-dev
  labels:
    name: tavro-cloud-dev
    app.kubernetes.io/managed-by: manual
  annotations:
    scheduler.alpha.kubernetes.io/node-selector: "nodetype=worker"
---
apiVersion: v1
kind: ResourceQuota
metadata:
  name: tavro-cloud-dev
  namespace: tavro-cloud-dev
  labels:
    app.kubernetes.io/managed-by: manual
spec:
  hard:
    configmaps: "100"
    limits.cpu: "5"
    limits.memory: 13Gi
    persistentvolumeclaims: "1"
    pods: "100"
    requests.cpu: "3"
    requests.memory: "10Gi"
    requests.storage: "2Gi" 
    resourcequotas: "1"
    secrets: "100"
    services: "100"
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: tavro-cloud-dev-common
  namespace: tavro-cloud-dev
spec:
  podSelector: {}
  policyTypes:
    - Ingress
    - Egress
  ingress: []
  egress:
    - to:
        - ipBlock:
            # vault.avroid.tech
            cidr: 10.2.16.2/32
      ports:
        - port: 443
          protocol: TCP
    - ports:
        - port: 53
          protocol: TCP
        - port: 53
          protocol: UDP