File tree 2 files changed +55
-0
lines changed
2 files changed +55
-0
lines changed Original file line number Diff line number Diff line change @@ -1742,6 +1742,48 @@ Resources:
17421742- https://rancher.com/blog/2019/2019-03-21-comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/
17431743- https://info.rancher.com/kubernetes-networking-deep-dive
17441744
1745+ ## Network Policy
1746+
1747+ Deploy webservers:
1748+
1749+ ```
1750+ kubectl apply -f webservers.yml
1751+ ```
1752+
1753+ Check connection:
1754+
1755+ ```
1756+ kubectl run busybox --rm -ti --image=busybox -- wget --spider --timeout=1 nginx
1757+ ```
1758+
1759+ Apply policy
1760+
1761+ ```
1762+ kubectl apply -f networkpolicy.yml
1763+ ```
1764+
1765+ See policy:
1766+
1767+ ```
1768+ kubectl get networkpolicies
1769+ ```
1770+
1771+ ```
1772+ kubectl describe -f networkpolicy.yml
1773+ ```
1774+
1775+ Check connection again:
1776+
1777+ ```
1778+ kubectl run busybox --rm -ti --image=busybox -- wget --spider --timeout=1 nginx
1779+ ```
1780+
1781+ Check connection with labels `--labels="access=true"`:
1782+
1783+ ```
1784+ kubectl run busybox --rm -ti --image=busybox --labels="access=true" -- wget --spider --timeout=1 nginx
1785+ ```
1786+
17451787## What's Next? Kubernetes Advance
17461788
17471789- Logging (EFK / ELK)
Original file line number Diff line number Diff line change 1+ apiVersion : networking.k8s.io/v1
2+ kind : NetworkPolicy
3+ metadata :
4+ name : webservers
5+ spec :
6+ podSelector :
7+ matchLabels :
8+ project : webservers
9+ ingress :
10+ - from :
11+ - podSelector :
12+ matchLabels :
13+ access : " true"
You can’t perform that action at this time.
0 commit comments