Network policy in Kubernetes not working in different namespaces

情到浓时终转凉″ 提交于 2021-01-11 02:56:29

问题


I followed this article to check functionality of network policy

https://medium.com/better-programming/how-to-secure-kubernetes-using-network-policies-bbb940909364

Created 3 namespaces web, middleware and database, created network policy for web and middleware exactly the same as mentioned in the article.

Instead of the following commands to create deployments

$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n web

$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n middleware

$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n database

I used this yaml content

enter code here

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      tier: web
  template:
     metadata:
       labels:
        tier: web
  spec:
     containers:
       - name: nginx
         image: ewoutp/docker-nginx-curl
         command:
           - "/bin/sh"
           - "-c" 
           - while true; do echo $(date) >> /mnt/blob/outfile; sleep 1; done

strategy:
   rollingUpdate:
   maxSurge: 0
  maxUnavailable: 1
  type: RollingUpdate

as per network policy my middleware should take connections from my web namespace but It was not working.

I am getting error as following

curl: (7) Failed to connect to port 80: Connection refused command terminated with exit code 7

I am suspecting network policies are not applied properly, can someone please let me know If I am making any mistake over here. Please have a look at article to get more details.

my middleware network policy is as below

Thanks in advance :)

来源:https://stackoverflow.com/questions/65137145/network-policy-in-kubernetes-not-working-in-different-namespaces

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!