K8ns:
I am confused with the network policy yaml from below github link. As per the yaml file ingress is given as [] which means we are not allowing any ingress traffic to the pod which contradicts the explanation he provided… can anyone review it and explain me… thank you for helping
https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/08-allow-external-traffic.md
Nimesh Kumar:
if we give the ingres as {} i think this means that it allows all traffic
https://kubernetes.io/docs/concepts/services-networking/network-policies/
Nimesh Kumar:
the label the policy is applied on is app=web
K8ns:
Thank you for responding… ingress : {} - means allow traffic right… square brackets [] means deny right? Could you review the below links?
video link: (at 6:24)
K8ns:
in the github link, he used square brackets instead of {} which is what confusing…
Nicolas G.:
to best answer this question and gain some learning experience, try that in a lab your self and confirm …
Pratik Patel:
I think you should use {} to allow all and [] to allow none.
Nimesh Kumar:
here for the deny all
apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: NetworkPolicy
metadata:
name: default-deny-ingress
spec:
podSelector: {}
policyTypes:
- Ingress
Nimesh Kumar:
the use curly braces, im just trying to understand is the square and curly braces is a thing that is not documented
K8ns:
Thank you @Nimesh Kumar As per the below documentation curly braces are used for allowing all traffic.
apiVersion: http://networking.k8s.io/v1|networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-all-ingress
spec:
podSelector: {}
ingress:
However in the below git hub link they used square brackets instead of curly for allowing all traffic… which is what confusing
https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/08-allow-external-traffic.md