We're building a platform based on microservices, which are managed by k8s; each user can build an application based on different microservices. How do we isolate different applications to avoid harmful effects between them? Is network isolation OK, or is there a better solution?
You need a network policy applied in K8s.
https://kubernetes.io/docs/user-guide/networkpolicies/
A network policy is a specification of how selections of pods are allowed to communicate with each other and other network endpoints.
That depends on what kind of network isolation you need.
1. Layer 7: you can use network policy to change iptables rules.
2. Layer 2: you can use Kuryr to use Neutron's VLAN or VXLAN network.
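A sketch of the NetworkPolicy approach suggested in the answers above, added here as an example and not taken from the original posts. It assumes each user application runs in its own namespace (`app-a` is a hypothetical name), that cluster DNS runs in `kube-system`, and that the cluster's network plugin enforces NetworkPolicy.

```yaml
# Constructed example. Without a network plugin that implements
# NetworkPolicy, these objects are accepted by the API but have no effect.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: app-a                 # hypothetical per-application namespace
spec:
  podSelector: {}                  # selects every pod in the namespace
  policyTypes: [Ingress, Egress]   # no rules listed, so nothing is allowed
---
# Policies are additive: this one opens only traffic inside the application
# plus DNS. Deleting it leaves the namespace locked down by the policy above.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-within-app
  namespace: app-a
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
  ingress:
    - from:
        - podSelector: {}          # only pods in this same namespace
  egress:
    - to:
        - podSelector: {}          # only pods in this same namespace
    - to:                          # DNS lookups (assumes DNS in kube-system)
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
```

Applying the same pair of policies to every application namespace keeps one application's pods from reaching another's; traffic that must cross applications then needs its own explicit allow rule.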