From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep
Network policies
All right. So let's take a look at a network policy here. Now we're going to be calling from the named API group. We're going to be specifying the network policy object or resource. We'll give it a name, we'll specify the namespace, we'll utilize the pod selector. And then what we're going to do is we're going to specify types. Now remember, network policies care about ingress and egress. You can specify one or you can specify both.

So from this perspective, essentially what we're saying is, this CIDR range except this IP address, verifies this namespace selector and selects these pods, okay? Over particular ports. So what I'm saying is this CIDR range has access to these pods over these ports. From an egress perspective, I'm saying this IP block can go outbound over port 5959, okay?

So let's kind of see this in action a little bit here. Now the first thing that we're going to do is we're going to run two pods based on the busybox container image. And really what the busybox container…
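
The manifest the walkthrough describes is not visible on this page. The following is an added example, not the course's own file, showing a NetworkPolicy with the structure the transcript lists; the name, namespace, labels, CIDR ranges and ingress port are constructed placeholders, and only egress port 5959 comes from the transcript.

```yaml
# Added example: all names, labels and addresses are constructed placeholders.
apiVersion: networking.k8s.io/v1      # NetworkPolicy lives in a named API group
kind: NetworkPolicy
metadata:
  name: example-network-policy        # hypothetical name
  namespace: default                  # policy applies only inside this namespace
spec:
  podSelector:                        # pods this policy governs
    matchLabels:
      role: db                        # hypothetical label
  policyTypes:                        # one or both directions
    - Ingress
    - Egress
  ingress:
    - from:                           # list items are OR'ed, not AND'ed
        - ipBlock:
            cidr: 10.0.0.0/16         # constructed range
            except:
              - 10.0.1.0/24           # carved out of the range above
        - namespaceSelector:
            matchLabels:
              project: example        # hypothetical label
        - podSelector:                # pods in the policy's own namespace
            matchLabels:
              role: frontend          # hypothetical label
      ports:                          # applies to every source in this rule
        - protocol: TCP
          port: 8080                  # constructed port
  egress:
    - to:
        - ipBlock:
            cidr: 10.1.0.0/24         # constructed range
      ports:
        - protocol: TCP
          port: 5959                  # egress port named in the transcript
```

Once a pod is selected by a policy that lists a direction in `policyTypes`, traffic in that direction that no rule matches is dropped. The cluster's network plugin must support NetworkPolicy for any of this to be enforced.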