Hello,
I’m studying to retake the CKA exam and I made a mistake regarding network Policies in the exam.
Could you tell me if the following exercises are ok?
Create a NetworkPolicy That Denies All Access to the Maintenance Pod
There is a pod called maintenance in the foo namespace. Create a NetworkPolicy that blocks all traffic to and from this pod.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default-deny
namespace: foo
spec:
podSelector:
matchLabels:
name: maintenance
egress: []
ingress: []
Create a NetworkPolicy That Allows All Pods in the Users-Backend Namespace to Communicate with Each Other Only on a Specific Port
There are some pods in the users-backend namespace. Create a NetworkPolicy that blocks all traffic to pods in this namespace, except for traffic from pods in the same namespace on port 80.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: traffic-in-backend
namespace: users-backend
spec:
podSelector: {}
ingress:
- ports:
- port: 80
from: - namespaceSelector:
matchLabels:
namespace: users-backend
- port: 80