Create A New NetworkPolicy Named allow-from-ns-port In The Existing Namespace

The text explains the concept of NetworkPolicy in Kubernetes and how it can be used to restrict traffic between pods in a namespace. It discusses the various parameters, such as rules, ports, and namespaces, that can be defined in a policy. The article also mentions that without any policies set, Kubernetes allows all communications between pods. An example of defining a policy for allowing traffic from specific pods with certain labels on a specific port is also given.

To create a new NetworkPolicy named allow-from-ns-port in the existing namespace dev1, you can use the following YAML manifest:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-from-ns-port
  namespace: dev1
spec:
  podSelector:
    matchLabels:
      purpose: production
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          name: dev2
    ports:
    - port: 9000
      protocol: TCP

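This NetworkPolicy applies to Pods in namespace dev1 that carry the label "purpose=production" and allows Pods in namespace dev2 to connect to them on TCP port 9000. It meets the requirements by ensuring that it does not allow access to Pods which don't listen on port 9000 and does not allow access from Pods which are not in namespace dev2. Note that namespaceSelector matches namespace labels, not namespace names, so the rule only takes effect if namespace dev2 actually carries the label "name=dev2".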

You can apply this NetworkPolicy using the kubectl apply -f <filename>.yaml command, where <filename>.yaml is the name of the file containing the YAML manifest.
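To make the selector behaviour concrete, the following added example (not part of the original page or of Kubernetes itself) models the ingress rule of the manifest above in plain Python and evaluates it against constructed connection attempts. The function names, the dev3 namespace and the label sets are assumptions made for illustration; only matchLabels selectors and numeric ports are modelled.

```python
# Added example: evaluates the ingress semantics of the allow-from-ns-port policy.
# Only matchLabels selectors and numeric ports are modelled; all data is constructed.
POLICY = {
    "namespace": "dev1",
    "podSelector": {"purpose": "production"},
    "ingress": [{
        "from": [{"namespaceSelector": {"name": "dev2"}}],
        "ports": [{"port": 9000, "protocol": "TCP"}],
    }],
}

# Constructed namespace labels. In NS_UNLABELLED, dev2 exists but lacks name=dev2.
NS_LABELLED = {"dev1": {}, "dev2": {"name": "dev2"}, "dev3": {"name": "dev3"}}
NS_UNLABELLED = {"dev1": {}, "dev2": {}}

def matches(selector, labels):
    """matchLabels: every key/value pair in the selector must be on the object."""
    return all(labels.get(k) == v for k, v in selector.items())

def ingress_verdict(policy, ns_labels, src_ns, dst_ns, dst_labels, port, proto="TCP"):
    """Return 'not-selected', 'allow' or 'deny' for one connection attempt."""
    # The policy isolates only Pods in its own namespace that podSelector matches.
    if dst_ns != policy["namespace"] or not matches(policy["podSelector"], dst_labels):
        return "not-selected"  # this policy places no restriction on the Pod
    for rule in policy["ingress"]:
        peers, ports = rule.get("from"), rule.get("ports")
        # Peers are OR-ed, ports are OR-ed, and the two lists are AND-ed.
        peer_ok = not peers or any(
            matches(p["namespaceSelector"], ns_labels.get(src_ns, {})) for p in peers)
        port_ok = not ports or any(
            p["port"] == port and p.get("protocol", "TCP") == proto for p in ports)
        if peer_ok and port_ok:
            return "allow"
    return "deny"  # selected Pod, no rule matched

def demo():
    prod, other = {"purpose": "production"}, {"purpose": "test"}
    return {
        "dev2 -> prod:9000": ingress_verdict(POLICY, NS_LABELLED, "dev2", "dev1", prod, 9000),
        "dev2 -> prod:8080": ingress_verdict(POLICY, NS_LABELLED, "dev2", "dev1", prod, 8080),
        "dev3 -> prod:9000": ingress_verdict(POLICY, NS_LABELLED, "dev3", "dev1", prod, 9000),
        "unlabelled dev2 -> prod:9000": ingress_verdict(POLICY, NS_UNLABELLED, "dev2", "dev1", prod, 9000),
        "dev2 -> other:8080": ingress_verdict(POLICY, NS_LABELLED, "dev2", "dev1", other, 8080),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

A "not-selected" verdict means the Pod is outside this policy's podSelector, so its traffic stays allowed unless another NetworkPolicy in dev1 selects it.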
