Difference between revisions of "K8s network policy"
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
https://kubernetes.io/docs/concepts/services-networking/network-policies/ | https://kubernetes.io/docs/concepts/services-networking/network-policies/ | ||
| + | https://editor.networkpolicy.io/?id=u7ZyunLd9YSsf9Da | ||
k8s core DNS example egress | k8s core DNS example egress | ||
Revision as of 00:45, 4 April 2023
https://loft.sh/blog/kubernetes-network-policies-for-isolating-namespaces/
https://kubernetes.io/docs/concepts/services-networking/network-policies/
https://editor.networkpolicy.io/?id=u7ZyunLd9YSsf9Da
k8s core DNS example egress
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: foo
spec:
podSelector:
matchLabels:
run: nginx
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 192.168.0.0/16
ports:
- protocol: TCP
port: 80
endPort: 81
- to:
- namespaceSelector: {}
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: UDP
- port: 53
protocol: TCP