kubectl get pods --show-labelsCreate a network policy to allow traffic from the ‘Internal’ application only to the ‘payroll-service’ and ‘db-service’
Use the spec given on the right. You might want to enable ingress traffic to the pod to test your rules in the UI.
- Policy Name: internal-policy
- Policy Types: Egress
- Egress Allow: payroll
- Payroll Port: 8080
- Egress Allow: mysql
- MYSQL Port: 3306
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: internal-policy
namespace: default
spec:
podSelector:
matchLabels:
name: Internal
policyTypes:
- Egress
egress:
- to:
- podSelector:
matchLabels:
name: mysql
ports:
- protocol: TCP
port: 3306
- to:
- podSelector:
matchLabels:
name: payroll
ports:
- protocol: TCP
port: 8080