M2Ko

Network Policy

Home
AIX
AIX
- Cluster
  Cluster
  - HACMP
- Management
  Management
  - HMC
  - Vios
- Network
  Network
  - Interface
  - NFS
  - Route
- Others
  Others
  - Mail
  - Perl
  - Printers
- Package
  Package
  - Alt RootVG
  - DVD Install
  - Library
  - Nim
  - Package/Fix
  - Upgrade
  - Yum
- Performance
  Performance
- Procedures
  Procedures
  - Install PowerPath
  - Migrate rootvg
- Service
  Service
  - Service
- Storage
  Storage
  - FC Card
  - FileSystem
  - LVM
  - MPio
  - Volume
- Troubleshooting
  Troubleshooting
  - Logs/Trace
- User
  User
  - Limits
  - User/Group
Codes
Codes
- Bash
  Bash
  - Variables
- Java
  Java
  - Jar File
- Python
  Python
  - Tips
  - Module
    Module
    
    Argparse
    
    Boto3
    
    CSV
    
    Multiprocess
    
    Regex (re)
    
    SSH
  - Tools
    Tools
    
    Convert Size
    
    Week's Day
    
    LDAP Extract
    
    Slugger
- Shell
  Shell
  - Commands
    Commands
    
    Awk
    
    Find
    
    Sed
    
    Set
  - Widget
    Widget
    
    Column
    
    Progress Bar
    
    Size Convert
- Tools
  Tools
  - JQ
- Windows
  Windows
  - Excel
Containers
Containers
- Kubernetes
  Kubernetes
  - Cert-Manager
  - KubeAdm
  - kubectl
  - Network
  - Plugins
  - Tips
- Openshift
  Openshift
  - Label/Selector
  - Network
    Network
    
    Egress
    
    Ingress
    
    Network Policy Network Policy
    Table of contents
    
    Commands
    
    Manifest
    
    Links
    
    OVN Network
  - Objects
    Objects
    
    StateFulSet
  - Security
    Security
    
    Certificate
    
    Roles
    
    SCC
    
    Users/Groups and Access
  - Storage
    Storage
    
    Volumes
  - Troubleshooting
    Troubleshooting
    
    Basics
    
    Etcd
    
    KubeApi
    
    Logs/Events
    
    Management
  - Upgrade
    Upgrade
    
    Machine Configs
    
    Upgrade
- Runtime
  Runtime
  - Docker
  - Podman
- Tools
  Tools
  - Docker Compose
  - Helm
  - Kaniko
  - Kasten
  - Trivy
Linux
Linux
- Cluster
  Cluster
  - Pacemaker
- Network
  Network
  - Bonding
  - IPTables
  - Netstat
  - Network Manager
  - NFS
  - Routes
- Others
  Others
  - Crontab
  - Mail
  - TimeZone
- Package
  Package
  - DNF
  - RPM
  - Yum
- Performance
  Performance
  - Memory/Swap
- Security
  Security
  - Aide
  - CVE
  - OpenScap
  - Password
  - Permission
  - SELinux
  - SSH
  - Sudo
- Service
  Service
  - Process/Service
  - Systemd
- Storage
  Storage
- Tools
  Tools
  - Apache
  - NMON
  - OpenSSL
  - Rear
  - Rsync
  - Satellite
  - Screen
  - Tmux
  - Udev
  - Utils
  - Vi Editor
- Troubleshooting
  Troubleshooting
  - Auditd
  - Filesystem
  - Kernel
  - History/Logs
  - Network
  - Rescue/Recovery
  - SysCall
- User
  User
  - Limits
  - User/Group
Others
Others
- Cloud
  Cloud
  - GCP
    GCP
    
    Client
  - Openstack
    Openstack
    
    Client
- Database
  Database
  - Elasticsearch
  - Etcd
  - Etcd
  - MariaDB
  - MongoDB
  - Oracle
  - Patroni
  - Postgres
  - Prometheus
  - SQL
- DevOps
  DevOps
  - Git
  - GitLab
  - Vault
  - Ansible
    Ansible
    
    Ad-Hoc
    
    Callback
    
    Config
    
    Functions
    
    Meta
    
    Modules
- Hardware
  Hardware
  - ILO
    ILO
    
    Dell Idrac
- Monitoring
  Monitoring
  - Graylog
  - Logstash
- Network
  Network
  - CIDR Subnet
- Tips
  Tips
  - Clavier
- Windows
  Windows
  - Network
Storage
Storage
- Ceph
  Ceph
  - Base
  - Block Storage
  - CephFS
  - Object Storage
  - OSD
  - Troubleshooting
- EMC
  EMC
  - Unipshere
  - VMax
- S3
  S3
  - AWS Cli
  - RCLone
  - S3Cmd

Openshift - Network Policy

Commands

Get netpol:

oc get netpol
oc get networkpolicy

Manifest

Examples of manifest, to only accept connections from Pods within a project and for some port with project which have prometheus: "yes" label:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-from-prometheus
  namespace: my-namespace
spec:
  podSelector: {}
  ingress:
  - from:
    - podSelector: {}
  - from:
    - namespaceSelector:
        matchLabels:
          prometheus: "yes"
    ports:
    - port: 8080
      protocol: TCP
    - port: 9114
      protocol: TCP
  policyTypes:
  - Ingress
  egress: []

Openshift - Network Policy

Commands

Manifest

Links