Verify Network Isolation is working as expected #1379
Comments
|
@SuyogShinde942 Can you take a look at this issue next? |
|
sure |
|
The cross network isolation is working as expected. 
|
|
@SuyogShinde942 Nice!! |
|
@SuyogShinde942 I am thinking that we should document the exact steps inside the examples folder. |
|
I followed the steps mentioned in the steps.txt for /examples/multitenancy/hello-world, To start the minikube with network driver i used command "minikube start --cni=cilium" |
|
Got it. To test network isolation, you also had to follow the steps listed above, right? And then the exec into Pod and curl commands? We should document all of this so that when others want to test it, they will know exactly what steps to follow. @SuyogShinde942 |
|
sure, Should we create any other file for network isolation testing ? |
KubePlus creates a Network boundary using NetworkPolicy objects for each deployed application instance.
There are two NetworkPolicy objects created. One which restricts cross-namespace traffic.
Second which allows only traffic from outside world to reach the application namespace.
The implementation is here:
https://github.com/cloud-ark/kubeplus/blob/master/deploy/kubeconfiggenerator.py#L1106
Above Network policies are taken from the Network Policy recipes given here:
https://github.com/ahmetb/kubernetes-network-policy-recipes
Specifically:
This issue is to verify that the above NetworkPolicies really work for KubePlus-managed application instances.
In order to test the Network Policies, here are steps:
Create a PR with any changes that need to be included in the NetworkPolicy implementation
The text was updated successfully, but these errors were encountered: