NetworkPolicy Deny All not working

radaeld · May 10, 2022, 6:06pm

Cluster information:

Kubernetes version: v1.21
Cloud being used: aws
CNI and version: 1.11.0-eksbuild.1

Hey
Im trying to isolate a pod from others in a given namespace.
In other words, i dont want this pod to receive or send any traffic to/from others pods.
To achieve this i tried to use the following network policy written in Kubernetes documentation. Additionally added a matchLabel to only isolate the pod i wanted.

After applying, i deployed a busy box in the same namespace where the pod is. I was able to succefully ping and connect via telnet to the pod i was trying to isolate.
I used the IP given by performing kubectl get pods -n <namespace> -o wide

Am i missing something on why the NetworkPolicy to deny all didnt work?

tej-singh-rana · May 13, 2022, 7:58am

Hey @radaeld ,
Please check deployed network plugins. Flannel doesn’t support network policy and weave|calico does.

Regards,

Topic		Replies	Views
'declare-network-policy' from kubernetes documentation not working General Discussions	2	587	September 16, 2019
How can I isolate pods in namespace using NetworkPolicy without disabling external traffic to Kubernetes pods General Discussions network	6	3836	December 8, 2023
Network policy - Allow only one IP General Discussions network	11	6585	March 14, 2019
Network policies block only cross nodes traffic General Discussions	5	865	October 21, 2019
NodePort Not Working in Conjunction with Network Policies General Discussions	2	1349	November 13, 2020

NetworkPolicy Deny All not working

Cluster information:

Related topics