Kubernetes Network Policy
September 29, 2020 by Piyush Jain
This blog covers an important part of Kubernetes: network
policies. The Kubernetes network policy feature is one
configuration that demands attention from a security
perspective.
In a server farm, network security is handled by one or
more firewall appliances.
What Are Kubernetes Network
Network policies are Kubernetes resources that control the
traffic between pods. Kubernetes network policy lets
developers secure access to and from their applications.
This is how we can restrict a user's access.
Any request that is successfully authenticated (including
an anonymous request) is then authorized. The default
authorization mode is AlwaysAllow, which allows all
requests. In Kubernetes, you must be authenticated
(logged in) before your request can be authorized
(granted permission to access).
How Does Network Policy
There are countless situations where you need to permit
or deny traffic from specific or different sources. Network
policy is used in Kubernetes to specify how groups of pods
are permitted to communicate with one another and with outside
Traffic is allowed unless there is a Kubernetes network policy selecting the pod.
Communication is denied if policies select the pod but none of them has any rule allowing it.
Traffic is allowed if there is at least one policy that allows
Read about the Docker Networking overview and the different
types of networking, i.e., bridge networking, host networking,
overlay networking, and Macvlan networking.
Network Policy In Pods
All Pods present in a Kubernetes cluster can communicate
with each other. By default all Pods are non-isolated;
however, Pods become isolated by having a Kubernetes
Network Policy that selects them. Once we have a policy
in a namespace selecting a specific pod, it will restrict
all the incoming and outgoing traffic of that pod.