Hi everyone, this time it’s another basic configuration revisit and describe the concept of Network Policy in Kubernetes, especially if we want to use it in our GKE environment.

What is Network Policy?

_NetworkPolicies are an application-centric construct which allow you to specify how a pod is allowed to communicate with various network “entities” (we use the word “entity” here to avoid overloading the more common terms such as “endpoints” and “services”, which have specific Kubernetes connotations) over the network. — _https://kubernetes.io/docs/concepts/services-networking/network-policies/

In a summary, we can create a whitelist of ingress and egress for our selected pods. It’s similar to how we are able to create firewall policy in GCP while maintaining the Deny-All and then create higher priority firewall rules to whitelist selected policy we decide to. Or in a more simple way, which port we allow to go in (ingress) or to go out (egress).

Now it is particularly easy to imagine the firewall policy, however if I am a newcomer that wants to test Kubernetes, the idea of creating a firewall policy within the Kubernetes cluster seems quite daunting (Or at least that how I feel back then :D)

#ingress #egress #network-policies #kubernetes #gke