问题
I followed this article to check functionality of network policy
https://medium.com/better-programming/how-to-secure-kubernetes-using-network-policies-bbb940909364
Created 3 namespaces web, middleware and database, created network policy for web and middleware exactly the same as mentioned in the article.
Instead of the following commands to create deployments
$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n web
$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n middleware
$ kubectl create deployment nginx --image=ewoutp/docker-nginx-curl -n database
I used this yaml content
enter code here
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
selector:
matchLabels:
tier: web
template:
metadata:
labels:
tier: web
spec:
containers:
- name: nginx
image: ewoutp/docker-nginx-curl
command:
- "/bin/sh"
- "-c"
- while true; do echo $(date) >> /mnt/blob/outfile; sleep 1; done
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
as per network policy my middleware should take connections from my web namespace but It was not working.
I am getting error as following
curl: (7) Failed to connect to port 80: Connection refused command terminated with exit code 7
I am suspecting network policies are not applied properly, can someone please let me know If I am making any mistake over here. Please have a look at article to get more details.
my middleware network policy is as below
Thanks in advance :)
来源:https://stackoverflow.com/questions/65137145/network-policy-in-kubernetes-not-working-in-different-namespaces