CodexBloom - Programming Q&A Platform

Kubernetes NetworkPolicy Not Restricting Traffic as Expected in v1.28

👀 Views: 1252 💬 Answers: 1 📅 Created: 2025-06-22
kubernetes networking networkpolicy yaml

Quick question that's been bugging me: I've encountered a strange issue. I'm trying to implement a `NetworkPolicy` in my Kubernetes cluster (v1.28) to restrict traffic between my application pods, but it seems like the policy isn't taking effect as expected. Here's what I've done so far:

I have two deployments: `frontend` and `backend`. I want to allow traffic from `frontend` to `backend` only, while denying all other traffic. My `NetworkPolicy` looks like this:

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-backend
  namespace: my-namespace
spec:
  podSelector:
    matchLabels:
      app: backend
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: frontend
  policyTypes:
  - Ingress
```

I applied the policy using `kubectl apply -f network-policy.yaml`. However, when I try to curl the `backend` service from the `frontend` pod, it still succeeds in reaching the `backend`. I've verified that both pods have the correct labels, and I've also checked the `coredns` logs to see if there are any related issues, but nothing stands out.

I also tried adding an explicit `egress` policy to deny all other traffic:

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: deny-all-egress
  namespace: my-namespace
spec:
  podSelector:
    matchLabels:
      app: frontend
  policyTypes:
  - Egress
  egress:
  - to:
    - podSelector: {}
```

Despite this, the `frontend` pod can still reach the `backend`. Is there something I'm missing? Do I need to set any specific annotations or configurations in the cluster? Any insights would be greatly appreciated!

For context: I'm using YAML on Linux. Any ideas what could be causing this? Could someone point me to the right documentation?
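To see which flows the two manifests in the question permit once a CNI plugin that enforces NetworkPolicy is in place, here is a small model of the allow-list semantics; it is an added example, not code from the post or from Kubernetes. The pod label sets and the `NO_EGRESS_RULES` variant are constructed for illustration, and only same-namespace `podSelector` peers are modelled (no ports, `ipBlock` or `namespaceSelector`).

```python
# Added example: minimal model of NetworkPolicy allow-list semantics.
# Scope (assumption): same-namespace podSelector peers only; no ports,
# ipBlock or namespaceSelector. Policies are transcribed from the post.

def matches(selector, labels):
    """Empty selector {} matches every pod; matchLabels must all be equal."""
    want = selector.get("matchLabels", {})
    return all(labels.get(k) == v for k, v in want.items())

def allowed(policies, src, dst, direction):
    """Evaluate one direction: "Ingress" on dst, "Egress" on src."""
    ingress = direction == "Ingress"
    subject, peer = (dst, src) if ingress else (src, dst)
    rules_key, peer_key = ("ingress", "from") if ingress else ("egress", "to")
    selecting = [p for p in policies if direction in p["policyTypes"]
                 and matches(p["podSelector"], subject)]
    if not selecting:
        return True  # pod not isolated in this direction: allow all
    for policy in selecting:
        for rule in policy.get(rules_key, []):
            peers = rule.get(peer_key)
            if not peers:  # rule without peers allows every peer
                return True
            if any(matches(p["podSelector"], peer) for p in peers):
                return True
    return False  # isolated and no rule matched

def connection_allowed(policies, src, dst):
    """A flow needs the source's egress AND the destination's ingress."""
    return (allowed(policies, src, dst, "Egress")
            and allowed(policies, src, dst, "Ingress"))

ALLOW_FRONTEND_TO_BACKEND = {
    "podSelector": {"matchLabels": {"app": "backend"}},
    "policyTypes": ["Ingress"],
    "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "frontend"}}}]}],
}
POSTED_EGRESS = {  # the post's "deny-all-egress" manifest
    "podSelector": {"matchLabels": {"app": "frontend"}},
    "policyTypes": ["Egress"],
    "egress": [{"to": [{"podSelector": {}}]}],
}
# Constructed variant: same selector, Egress type, but no egress rules.
NO_EGRESS_RULES = dict(POSTED_EGRESS, egress=[])

# Constructed pod label sets.
FRONTEND, BACKEND, OTHER = {"app": "frontend"}, {"app": "backend"}, {"app": "other"}
```

In this model `connection_allowed([ALLOW_FRONTEND_TO_BACKEND, POSTED_EGRESS], FRONTEND, BACKEND)` is `True`, because the first policy permits that ingress and the `podSelector: {}` peer permits egress to every pod in the namespace. Only the `NO_EGRESS_RULES` variant isolates `frontend` egress.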