Welcome to the Linux Foundation Forum!

Can someone explain when to add dashes and when not to in YAML?

Can someone explain when to add dashes and when not to? For example the following YAML works but if you look at the docs for net policies at no point do they use a - before port. https://kubernetes.io/docs/concepts/services-networking/network-policies/
if you take the - out the yaml fails. Why are they there and how would i know they should be outside of finding examples on the web and trial and error.

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: netblock
spec:
podSelector:
matchLabels:
app: nginx
ingress:
- ports:
- port: 80
from:

Comments

  • chrispokorni
    chrispokorni Posts: 1,458

    Hi @tim.poth,

    In the network policy definition found in the official documentation (referenced by your link above), the hyphens are used for different purposes.

    Hyphens used as part of a default construct, such as:

      ingress:
      - from:
    
      egress:
      - to:
    

    Hyphens used for the grouping of properties part of a condition, and to separate conditions from other conditions. In addition, the hyphens below have the meaning of "OR" when conditions are evaluated:

        - ipBlock:
            cidr: 172.17.0.0/16
        - namespaceSelector:
            matchLabels:
              project: myproject
        - podSelector:
            matchLabels:
              role: frontend
    

    For the purpose of grouping of relevant properties, or to separate objects that are part of an array. Keep in mind that single object arrays also require the use of hyphens:

    Multi-container pod definitions

    Init containers pod definitions

    Volumes with associated volume mounts definitions

    Ports of a multi-port container definition

    While properties are typically listed in alphabetical order, they may be arranged differently based on personal preference:

      ports:
        - port: 80
          protocol: TCP
          name: http
          targetPort: 9376
        - name: https
          port: 443
          targetPort: 9377
          protocol: TCP
    

    Regards,
    -Chris

  • Thanks for your input Chris, such a frustrating structure to try to learn.

Categories

Upcoming Training