Lab
A Cloud Guru

Lock Down Inter-Pod Communication with NetworkPolicies

NetworkPolicies are a great way to control network communication within a Kubernetes cluster. In this lab, you will make a Kubernetes cluster more secure by using NetworkPolicies to restrict network traffic to only traffic that is actually needed by applications running in the cluster.

Try for free Contact sales

Path Info

Level

Advanced

Duration

30m

Published

May 19, 2021

Challenge

Block Incoming Traffic by Default for All Pods in the web-auth Namespace

Create a configuration that causes incoming traffic to all Pods in the web-auth namespace to be blocked by default.
Challenge

Allow Traffic from the auth-client Pod to Reach the web-auth-server
Allow the auth-client Pod to reach web-auth-server. Both Pods are in the web-auth namespace. You can use existing labels to accomplish this.
- auth-client needs to be able to reach web-auth-server on port 80.
- Only Pods with the appropriate label should be able to access web-auth-server, even if they are in the web-auth namespace.
- Pods outside the web-auth namespace should never be able to access web-auth-server, no matter what labels they have.

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.