Network Policies in Kubernetes Explained

3,746 views

Cloud Guru

A day ago

In this video, I have explained Network Policy for Kubernetes. This is one of the most important security features of Kubernetes, and in the CKS exam too, this question carries a weightage of around 9-12%.
Topics covered in this video:
00:00 - Introduction
00:10 - What we will cover
00:32 - Certifications
00:52 - Learning Path
01:32 - Network Security
02:52 - Traffic types
03:16 - Policies
05:14 - Network Policy
Network policies are Kubernetes resources that control the traffic between pods. Kubernetes network policy lets developers secure access to and from their applications. This is how we can restrict a user's access.
➤ How Does Network Policy Work?
There are countless situations where you need to permit or deny traffic from specific sources. Network policy is used in Kubernetes to specify how groups of pods are allowed to communicate with each other and with external endpoints.
➤ Network Policy In Pods
By default, all Pods in a cluster can communicate with each other. All Pods are non-isolated by default; a Pod becomes isolated once a Kubernetes Network Policy selects it.
➤ Default Network Policies In Kubernetes
➥ Default deny all ingress traffic
➥ Default permit all ingress traffic
➥ Default deny all egress traffic
➥ Default permit all egress traffic
➥ Default deny all ingress and all egress traffic
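
The last default policy in the list above, together with the allow rules a locked-down namespace needs afterwards, as an added example (these are not the manifests used in the video). The namespace names `db` and `web`, the `app: mongo` label and port 27017 are assumptions.

```yaml
# Added example; namespaces (db, web), label (app: mongo) and port are assumed.
# 1. Default deny: select every pod in "db" and allow nothing in or out.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: db
spec:
  podSelector: {}            # empty selector = all pods in the namespace
  policyTypes: [Ingress, Egress]
---
# 2. Allow ingress to the database pods only from pods in namespace "web".
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-web-to-mongo
  namespace: db
spec:
  podSelector:
    matchLabels:
      app: mongo
  policyTypes: [Ingress]
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              # label set automatically on every namespace
              kubernetes.io/metadata.name: web
      ports:
        - protocol: TCP
          port: 27017
---
# 3. Allow DNS egress (port 53 to any destination) so pods can resolve names.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress
  namespace: db
spec:
  podSelector: {}
  policyTypes: [Egress]
  egress:
    - ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Policies are additive, so policies 2 and 3 open exceptions in the deny-all from policy 1. NetworkPolicy objects are enforced by the cluster's network plugin; with a plugin that does not implement them, the manifests are accepted but traffic is not filtered.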
#KubernetesNetworkPolicy #KubernetesCluster #K8S

Comments: 18
@mahalakshmirekala5804 A year ago
Thank you.
@CloudGurus A year ago
You're welcome!
@user-zk1kw2su4g A year ago
Thank you for the video. It would be great if you could add the git repo details for reference.
@CloudGurus A year ago
Sure. Will add that in the description.
@PrakashReddyK 2 years ago
Hi, thank you very much for your efforts. This is exactly the video I was looking for on communication between namespaces. I have created one namespace for FastAPI and another namespace for MongoDB. I was unable to connect from the web app to the Mongo service between namespaces; I will follow this and see. If you don't mind, can you please make a video for a web app pod and a database pod in two different namespaces and their communication? I am planning to add a monitoring namespace also and attach it to the web app namespace and database namespace.
@CloudGurus 2 years ago
Thanks for your feedback. Noted your suggestion. Will come up with a video on that topic soon.
@satishkumarg2301 A year ago
Thanks for the explanation. The right use cases were chosen. Can you please share the git link for the manifest files used?
@CloudGurus A year ago
Sure. Will add that in the description.
@babu-dz7lp A year ago
Hi, this video is very helpful. However, I do have one question: if we create a deny-all policy on a user-created namespace first, don't we have to create allow policies next for communication between the user namespace pods and the pods from the system namespaces? Also, what happens to the communications from outside the cluster here? Not sure why this part is not covered. I mean, if my goal is to just communication between user created namespaces and not block communications between system namespaces and user-created namespaces, as well as the traffic from outside the cluster, like accessing an exposed service through a web browser, what is the network policy for it? Sorry for the long message.
@CloudGurus A year ago
Yes correct.
@babu-dz7lp A year ago
@CloudGurus Thanks for the response. Can you please suggest a book/course that covers this RBAC and network policies stuff in detail?
@anshumanhota8171 A year ago
Nice video, please share the GitHub URL.
@CloudGurus A year ago
Sure. Will add that in the description.
@rahul4024 A year ago
I created 2 namespaces, created 2 pods in each NS, and created the denyall policy, but I am still able to curl. I'm sure I did exactly as you did. Why is denyall not working for me? Did something change in the new version?
@CloudGurus A year ago
Please share the error code.
@rahul4024 A year ago
NVM, I think the problem was with the lab. In the other lab it just worked.
@CloudGurus A year ago
Alright!
@rahul4024 A year ago
@CloudGurus Thanks man for checking in. I can play with netpols very well now thanks to your video.