Kubernetes 101 : The default permissive Network Policy



Unless an ingress or egress network policy is applied to a pod, the default behaviour in Kubernetes is to allow all connections going to and coming from all the pods.

To avoid that, we could write a YAML configuration file for a network policy that blocks all traffic except what is explicitly allowed by another network policy.

The network policy will apply to both ingress and egress traffic of the pods in the cluster.

Below is the YAML file of the network policy:
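A manifest matching this description, added here as an example and not taken from the original post. The policy names are hypothetical, and the second document assumes the cluster DNS pods run in `kube-system` with the label `k8s-app: kube-dns`; it shows how "another network policy" re-opens one specific flow.

```yaml
# Added example: default-deny for every pod in namespace-1.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all          # hypothetical name
  namespace: namespace-1          # network policies are namespaced
spec:
  podSelector: {}                 # empty selector = all pods in this namespace
  policyTypes:                    # both types listed, no rules given:
    - Ingress                     #   nothing is allowed in
    - Egress                      #   nothing is allowed out
---
# Added example: an explicit allow layered on top of the deny.
# Without it, pods in namespace-1 cannot resolve DNS names at all.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress          # hypothetical name
  namespace: namespace-1
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns   # assumption: label used by the cluster DNS pods
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Network policies are additive, so the second policy opens only DNS while all other traffic stays denied. They are enforced only when the cluster's network plugin implements NetworkPolicy.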


The above network policy applies to the namespace "namespace-1".
Network policies are namespaced resources.

The "podSelector: {}" parameter means all the pods in the mentioned namespace.

To get a list of all the namespaced resources in Kubernetes (those tied to a namespace), we could use the command below:
