kubectl config use-context cluster5-admin@cluster5

# vim 21_deny.yaml

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
  namespace: prod-db

spec:
  podSelector: {}
  policyTypes:
  - Ingress


k apply -f 21_deny.yaml

k get ns --show-labels

# vim 21_allow.yaml

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-policy
  namespace: prod-db
spec:
  podSelector:
    matchLabels: {}
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              name: prod
        - namespaceSelector:
            matchLabels:
              name: stage
          podSelector:
            matchLabels:
              role: db-connect

        - podSelector:
            matchLabels:
              role: db-external-connect
          namespaceSelector: {}

k apply -f 21_allow.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

21.MD

21.MD

Files

21.MD

Latest commit

History

21.MD

File metadata and controls