How to restrict the outbound traffic of user's pods in Kubernetes?

4/26/2017

We're now using Kubernetes to implement a PaaS service, and users can ssh into the containers. Because the containers run inside the Kubernetes network, users can access services like kube-apiserver.

We want to restrict the outbound traffic of the users' pods. It seems that Kubernetes Network Policy is only for inbound traffic now.

Is it possible to do that? Should we set up iptables rules on the compute nodes?

-- tobe
iptables
kubernetes
networking
policy

1 Answer

11/30/2017

Outbound traffic has been supported by Network Policies since v1.8; you should check again and see if your use case is fully supported.

https://kubernetes.io/docs/concepts/services-networking/network-policies/#default-deny-all-egress-traffic

-- Rafaesp
Source: StackOverflow
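
An egress policy of the kind the answer points to, as an added example that is not part of the original question or answer: it denies all outbound traffic in the users' namespace, then re-allows only DNS and destinations outside the private ranges for the user pods. The namespace `paas-users`, the label `role: user-shell` and the CIDRs are assumptions; enforcement requires a network plugin that implements NetworkPolicy egress.

```yaml
# Constructed example: namespace, labels and CIDRs are assumptions.
# Policy 1: default deny all egress for every pod in the namespace.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-egress
  namespace: paas-users
spec:
  podSelector: {}          # selects all pods in the namespace
  policyTypes:
  - Egress                 # no egress rules listed, so nothing is allowed
---
# Policy 2: policies are additive, so this re-opens only what is listed.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: user-pods-dns-and-external
  namespace: paas-users
spec:
  podSelector:
    matchLabels:
      role: user-shell     # assumed label on the pods users ssh into
  policyTypes:
  - Egress
  egress:
  # DNS lookups to the kube-system namespace only. The namespace label
  # below is set automatically on current Kubernetes releases; on older
  # clusters, label the namespace yourself and match that label instead.
  - to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
    ports:
    - protocol: UDP
      port: 53
    - protocol: TCP
      port: 53
  # Anything outside the private ranges. The except list is assumed to
  # cover the cluster's node, pod and service CIDRs (where kube-apiserver
  # is reachable); replace it with the cluster's real ranges.
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
        except:
        - 10.0.0.0/8
        - 172.16.0.0/12
        - 192.168.0.0/16
```

How `ipBlock` rules apply to Service ClusterIPs depends on the network plugin, so verify from inside a user pod that the `kubernetes` service address and the node IPs are actually unreachable after applying the policies.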