Pods injecting existing network Policies

Hi,
I have a Pod (e.g. A) and I need this pod to allow ingress requests only from pod B and C. Similarly, A is allowed to send requests only to B and C.

There are a few network policies already existing in the cluster. 
However, you are NOT allowed to create/update/delete a new/existing NW Policy. You can only "use/inject" the existing policy in the Pod.

Note - I am aware of the fact that we can create Network Policy and use the pod A as Pod Selector. However, this question demands a different approach. Can't create new NetPol or update existing ones.

Please share how to realize this.

Hello debu,
You can edit the existing policy. It has a lot of options to define ingress and egress: ipBlock or namespaceSelector or podSelector.
Please note that: Network policies do not conflict; they are additive. If any policy or policies select a pod, the pod is restricted to what is allowed by the union of those policies’ ingress/egress rules. Thus, order of evaluation does not affect the policy result.
You can check the following for more info: Network Policies | Kubernetes

Thanks for the information.
However, the requirement in this case is different. We are NOT allowed to create a new NW policy or update/delete any existing NW policy.
We are allowed to perform updates only in the Pod.

I believe probably the label tag of the Pod might be aligned as per NW policy configurations, though not sure if it can solve the questions.

Another Q - If I have 2 NW policies where the 1st NW policy allows all ingress traffic to a particular Pod and the 2nd NW policy rejects all ingress traffic to that Pod. In this case, which NW policy will be effective on the Pod and how to control this?

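The additive rule quoted above and the pod-label idea raised in the thread can be checked with a small model. This is an added example, not code from any poster or from Kubernetes: the policy names and labels are constructed, and it models only ingress rules with `podSelector.matchLabels` peers in a single namespace (no egress, ports, `ipBlock` or `namespaceSelector`).

```python
# Simplified model of NetworkPolicy ingress evaluation (added illustration).

def matches(selector, labels):
    """matchLabels semantics: an empty selector ({}) matches every pod."""
    return all(labels.get(k) == v for k, v in selector.items())

def ingress_allowed(policies, dst_labels, src_labels):
    """True if traffic from a pod with src_labels may reach a pod with dst_labels."""
    selected = [p for p in policies if matches(p["podSelector"], dst_labels)]
    if not selected:
        return True  # no policy selects the pod: it is not isolated for ingress
    for policy in selected:
        for rule in policy["ingress"]:
            peers = rule.get("from")  # a rule with no "from" allows every source
            if peers is None or any(matches(s, src_labels) for s in peers):
                return True  # union of rules: one matching allow is enough
    return False  # selected, but no rule allows this source

# Constructed "existing" policy: selects pods by label, allows labelled clients.
EXISTING = [{"name": "restricted-ingress",
             "podSelector": {"tier": "restricted"},
             "ingress": [{"from": [{"access": "restricted-client"}]}]}]

# Constructed pair for the second question: both select app=web.
DENY_ALL = {"name": "deny-all", "podSelector": {"app": "web"}, "ingress": []}
ALLOW_ALL = {"name": "allow-all", "podSelector": {"app": "web"}, "ingress": [{}]}

def demo():
    a_plain = {"app": "a"}                          # pod A before relabelling
    a_labelled = {"app": "a", "tier": "restricted"}  # pod A with the policy's label
    b = {"app": "b", "access": "restricted-client"}  # B (and C) carry the peer label
    d = {"app": "d"}                                # unrelated pod
    web = {"app": "web"}
    return {
        "A unlabelled, from D": ingress_allowed(EXISTING, a_plain, d),
        "A labelled, from B": ingress_allowed(EXISTING, a_labelled, b),
        "A labelled, from D": ingress_allowed(EXISTING, a_labelled, d),
        "deny-all only": ingress_allowed([DENY_ALL], web, d),
        "deny-all + allow-all": ingress_allowed([DENY_ALL, ALLOW_ALL], web, d),
    }

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'allowed' if allowed else 'blocked'}")
```

In this model a pod's labels decide which existing policies select it, and a "deny all" policy never overrides an "allow" from another policy that selects the same pod.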