Raihan
Reputation: 10405
Network policy to prevent cross namespace communication
How to define a network policy to prevent communication across pods in different namespaces within the same K8s cluster?
Upvotes: 1
Views: 1195
Answers (1)
P....
Reputation: 18371
Checkout the git repo at here for many netpolicy usecases, following is one of it.
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
namespace: default
name: deny-from-other-namespaces
spec:
podSelector:
matchLabels:
ingress:
- from:
- podSelector: {}
*Note a few things about this manifest:
namespace: default deploys it to the default namespace. it applies the policy to ALL pods in default namespace as the spec.podSelector.matchLabels is empty and therefore selects all pods. it allows traffic from ALL pods in the default namespace, as spec.ingress.from.podSelector is empty and therefore selects all pods.*
Upvotes: 5
Related Questions
- Is there a way to Prevent inter-namespace communication of pods in Kubernetes without using network policy
- Network policy to restrict communication of pods within namespace and port
- Cross namespace communication in Kubernetes
- Network Policy not allowing communication inside namespace
- How to block traffic from specific namespace in kubernetes
- How to apply kubernetes network policies to restrict access of namespace from other namespace?
- Network policy to deny traffic from a particular namespace
- Prevent inter-namespace communication in Kubernetes
- How to stop all external traffic and allow only inter pod network call within namespace using network policy?
- Block access between namespaces but allow access for external traffic