Hello, I set up the netpol as below, but the other pods can access the site. I followed the instructions in the answer:
Under spec: → egress: you will notice that no cidr: block has been added; since there are no restrictions on egress traffic, we can update it as below. Further, you will notice that the port used in the policy is 8080 but the app is running on the default port, which is 80, so let's update this as well (under egress and ingress):
But the other pod can access the site.
I modified it to restrict more, and the netpol doesn't block the other pods:
```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  creationTimestamp: "2023-07-31T08:31:43Z"
  generation: 9
  name: cyan-np-cka28-trb
  namespace: cyan-ns-cka28-trb
  resourceVersion: "11097"
  uid: fa7d02a2-97ee-4998-9f32-383ed2bafd6e
spec:
  egress:
  - ports:
    - port: 80
      protocol: TCP
    to:
    - ipBlock:
        cidr: 0.0.0.0/0
    - podSelector:
        matchLabels:
          app: cyan-white-cka28-trb
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: cyan-white-cka28-trb
    - ipBlock:
        cidr: 0.0.0.0/0
    ports:
    - port: 80
      protocol: TCP
  podSelector:
    matchLabels:
      app: cyan-app-cka28-trb
  policyTypes:
  - Ingress
  - Egress
status: {}
```
How can I restrict the netpol only for the black pod?
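An added example, not part of the original post: a small Python model of how the `from` peers in the posted ingress rule are evaluated, showing that peers in one rule are OR'ed, so an `ipBlock` of `0.0.0.0/0` admits any source next to the `podSelector`. It assumes the CNI plugin matches pod source IPs against `ipBlock` CIDRs and that all pods are in the policy's namespace; the pod IPs and the second pod's label are constructed.

```python
import ipaddress

def peer_matches(peer, src):
    """Evaluate one `from` entry against a source pod in the policy's namespace."""
    if "podSelector" in peer:
        want = peer["podSelector"].get("matchLabels", {})
        return all(src["labels"].get(k) == v for k, v in want.items())
    if "ipBlock" in peer:
        # Assumption: the CNI plugin compares pod source IPs with the CIDR.
        block, ip = peer["ipBlock"], ipaddress.ip_address(src["ip"])
        if ip not in ipaddress.ip_network(block["cidr"]):
            return False
        return not any(ip in ipaddress.ip_network(e) for e in block.get("except", []))
    return False

def ingress_allowed(rules, src, port, protocol="TCP"):
    """Rules are OR'ed; inside a rule, `from` peers are OR'ed and then AND'ed with `ports`."""
    for rule in rules:
        peers, ports = rule.get("from"), rule.get("ports")
        peer_ok = not peers or any(peer_matches(p, src) for p in peers)
        port_ok = not ports or any(
            p.get("port") in (None, port) and p.get("protocol", "TCP") == protocol
            for p in ports)
        if peer_ok and port_ok:
            return True
    return False  # the pod is selected by the policy, so unmatched traffic is dropped

WHITE = {"podSelector": {"matchLabels": {"app": "cyan-white-cka28-trb"}}}
ANY_IP = {"ipBlock": {"cidr": "0.0.0.0/0"}}
PORT_80 = [{"port": 80, "protocol": "TCP"}]

POSTED = [{"from": [WHITE, ANY_IP], "ports": PORT_80}]   # ingress rule as posted
TIGHTENED = [{"from": [WHITE], "ports": PORT_80}]        # same rule without the ipBlock peer

# Constructed sources: IPs and the second pod's label are hypothetical.
white_pod = {"labels": {"app": "cyan-white-cka28-trb"}, "ip": "10.244.1.10"}
other_pod = {"labels": {"app": "hypothetical-other-pod"}, "ip": "10.244.1.11"}

def verdicts(rules):
    """Return (white_pod allowed, other_pod allowed) on TCP/80."""
    return ingress_allowed(rules, white_pod, 80), ingress_allowed(rules, other_pod, 80)

if __name__ == "__main__":
    print("posted:   ", verdicts(POSTED))
    print("tightened:", verdicts(TIGHTENED))
```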
