MM Balogun:
Question
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo. Ensure
that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000 of Pods in namespace echo.
Further ensure that the new NetworkPolicy:
• does not allow access to Pods, which don’t listen on port 9000
• does not allow access from Pods, which are not in namespace my-app
My Answer
kind: NetworkPolicy
apiVersion: http://networking.k8s.io/v1|networking.k8s.io/v1
metadata:
name: allow-port-from-all-namespaces
namespace: echo
spec:
podSelector:
matchLabels:
app: echo ns label
policyTypes:
- Ingress
ingress: - from:
- namespaceSelector:
matchLabels:
role: my-app ns label
ports:
protocol: TCP
port: 9000
- namespaceSelector: