Welcome to the Linux Foundation Forum!

Network Policy - container ingress not working fully

Posts: 11
in LFD259 Class Forum

In Lab 6.5. Testing a Policy
We create a deny-all (allclosed) network policy.
I have found that this blocks ingress from outside the cluster, but not from within the cluster to the container.

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Comments

  • Posts: 1,000

    Hello,

    I'm unsure of what you mean by "from within the cluster". From where were the other pods trying to connect? What did you use to test this, and was it the pod ephemeral IP or the ClusterIP you tested?

    Regards,

  • Posts: 11

    Used curl on the pod ephemeral IP

  • Posts: 1,000

    Hello,

    When you use the ephemeral IP, you are not using the service. When not using the service you do not encouter the rules that would allow or deny network access.

    Regards,

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Quick Links

Categories

Upcoming Training