FYI. The issue persists:
student-node ~ ➜ k get -n kube-system ds weave-net -o yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
…
name: weave-net
namespace: kube-system
spec:
…
spec:
containers:
- command:
- /home/weave/launch.sh
env:
- name: HOSTNAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: IPALLOC_RANGE
value: 10.50.0.0/16
- name: INIT_CONTAINER
value: “true”
image: docker.io/weaveworks/weave-kube:2.8.1
name: weave
The issue is present only when the Weave IP is not the same as the kube proxy one.
k get cm -n kube-system kube-proxy -o jsonpath={'.data.config\.conf}' | yq e .clusterCIDR -
It doesn’t matter what the value is, they just need to be the same for it to be working.
This is a lot better explanation than the one in the solution.
Ultimate CKA Mock Lab 3 - Question 19
The solution’s language makes it seem like you change the pod selector under spec and doesn’t mention the idea that you do not want the - in the pod selector under ingress > from.
I need to wrap my head around network policies a bit more. I went through the course but I missed the additive nature of the above.
Recommend updating the lab solution to this one: