-
Forum
-
메인 게시판
-
Tips
-
[K8S] Network Policy 정의하기
[K8S] Network Policy 정의하기
덜보기
더보기
-
Posts: 109
-
Thank you received: 11
-
-
13 Dec 2022 07:49 - 15 Dec 2022 09:47 #31979
작성자: huaya
모든 Pod의 Egress, Ingress를 차단
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: deny
spec:
podSelector: {}
policyTypes:
- Egress
- Ingress
위 설정에서 DNS(53포트)는 허용
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: deny
spec:
podSelector: {}
policyTypes:
- Egress
- Ingress
egress:
- to:
ports:
- port: 53
protocol: TCP
- port: 53
protocol: UDP
특정 namespace에 대해 9000 포트만 허용
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-9000-from-namespace
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
color: pink
ports:
- port: 9000
protocol: TCP
-
Forum
-
메인 게시판
-
Tips
-
[K8S] Network Policy 정의하기
Time to create page: 0.044 seconds
