I had a question regarding network policies.
Let’s say we have 2 pods, A and B. We want to set up an egress policy on pod B to allow only TCP connections to pod A. Both pods also have services called svc-a and svc-b of type ClusterIP on ports 6000 and 8000 respectively.
If we implement the egress network policy like so
    egress:
    - to:
      - podSelector:
          matchLabels:
            run: pod-a
Things work just fine. Pod B is able to query pod A using curl svc-a:6000.
But if it’s like so
    egress:
    - to:
      - podSelector:
          matchLabels:
            run: pod-a
      ports:
      - port: 6000
        protocol: TCP
This doesn't work when querying pod A using curl svc-a:6000. I use port 6000 because svc-a is running on port 6000.
Why does this happen?