Kubernetes 101: Securing the communication between the pods - Network Policies
Within a Kubernetes cluster, there might be cases where we want to restrict communications to or from certain applications running inside pods.
To achieve that, we can use network policies, which are Kubernetes resources just like pods, deployments, ...
Below is a diagram that gives us an overview of network policies:
The network policy "network_policy_1" applies to the pods labeled "run: nginx" in the default namespace, as we can see in the above YAML file.
For both the Ingress and Egress policies, the communication is allowed as soon as one of the rules applies to the pods communicating with the "run: nginx" pods.
We can also use "ipBlock" to filter external traffic (coming from outside of the Kubernetes cluster), while the namespaces are used mainly to filter internal traffic (within the Kubernetes cluster).
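
A manifest along the lines described above, as an added example that is not the original page's YAML file. The "team: frontend" label, the CIDR ranges and the ports are constructed for illustration, and the name is written with hyphens because Kubernetes object names cannot contain underscores.

```yaml
# Added example: labels, CIDRs and ports are constructed placeholders.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: network-policy-1        # "network_policy_1" is not a valid object name
  namespace: default
spec:
  # The pods this policy applies to.
  podSelector:
    matchLabels:
      run: nginx
  # Listing both types isolates the selected pods in both directions:
  # anything not matched by a rule below is dropped.
  policyTypes:
    - Ingress
    - Egress
  ingress:
    # Rule 1 (internal traffic): any pod in a namespace labeled team=frontend.
    - from:
        - namespaceSelector:
            matchLabels:
              team: frontend    # assumed namespace label
      ports:
        - protocol: TCP
          port: 80
    # Rule 2 (external traffic): a CIDR range, minus one excluded subnet.
    # Rules are ORed: matching either rule 1 or rule 2 is enough.
    - from:
        - ipBlock:
            cidr: 203.0.113.0/24        # documentation range, constructed
            except:
              - 203.0.113.128/25
      ports:
        - protocol: TCP
          port: 80
  egress:
    # Allow DNS lookups to pods in kube-system; all other egress is dropped.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

The policy is only enforced when the cluster's network plugin implements NetworkPolicy; on a plugin without support, the object is accepted but has no effect.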