networkPolicy issue

I am actually trying the example in this webpage on LinuxAcademy cloudserver. Eventhough, I have applied networkPolicy denying the all traffic, I am still getting the response back. 
https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/01-deny-all-traffic-to-an-application.md

I am wondering why it is not working in our lab environment. Can someone explain why?

  • post-author-pic
    David S
    11-09-2018

    Hi  @rpotru 


    I've just been playing around with NetworkPolicies lately, and I noticed a couple of differences in the way the example spec is put together, and the way the Kuberenetes Documentation has it written out. Not sure if this is the exact solution to what you are seeing, but it might be worth a shot. 

    apiVersion: networking.k8s.io/v1
    kind: NetworkPolicy
    metadata:
    name: web-deny-all
    spec:
    podSelector:
    matchLabels:
    app: web
    policyTypes:
    - Ingress


    The main difference here is that we specify the "Ingress" policyType, and do not specify an 'ingress' spec section.

    More documentation on this can be found here: 

    https://kubernetes.io/docs/concepts/services-networking/network-policies/


    Let us know if this helps. 

  • post-author-pic
    Rajesh P
    12-20-2018

    Hi David - Thanks for the response. I am still able to access the traffic even after applying the YAML from documentation.

    apiVersion: networking.k8s.io/v1
    kind: NetworkPolicy
    metadata:
    name: default-deny
    spec:
    podSelector: {}
    policyTypes:
    - Ingress


    Any ideas?


  • post-author-pic
    Rajesh P
    12-20-2018

    I setup the cluster as per CKA exam prep course (kudeadm behind the scenes). Wondering if flannel has a bug with this as NetworkingPolicies is a new feature.

    kube-system            kube-flannel-ds-amd64-gdgfp                        1/1     Running   0          45m
    kube-system kube-flannel-ds-amd64-k2lj6 1/1 Running 0 42m
    kube-system kube-flannel-ds-amd64-ngcfj 1/1 Running 0 42m


Looking For Team Training?

Learn More