Every doc/tutorial only talks about how to apply a NetworkPolicy, but none of them actually tells how to validate whether your policy was applied. How do I do that? Is there any useful tool for NetworkPolicy management?
Think of NetworkPolicy resources as firewall rules in your OS: how can you validate whether any firewall rule is applied to the applications running in your OS? Only by analyzing the firewall rules, and that requires firewall knowledge. So in a Kubernetes cluster you can also analyze NetworkPolicy resources by describing them:
kubectl get networkpolicy
kubectl describe networkpolicy <networkpolicy-name>
You also need to understand the components of a NetworkPolicy, such as podSelector and policyTypes (Ingress, Egress and so on).
For example, if your NetworkPolicy podSelector is role=db, you can search for the pods matching this label via:
kubectl get pods -l 'role=db'
For more information about NetworkPolicy, you can check the official documentation.
Also, for labels and selectors, check this documentation.
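The label lookup described in the answer above can be done for every policy at once. The following is an added example, not part of the original answer: it evaluates each policy's podSelector (matchLabels and matchExpressions) against pod labels and reports, per pod and direction, which policies select it. The policy and pod objects, their names and the function names are constructed for illustration and assume a single namespace.

```python
# Constructed sample objects, trimmed to the fields used here; same shape as
# `kubectl get networkpolicy,pods -n <namespace> -o json` items (one namespace).
POLICIES = [
    {"metadata": {"name": "db-allow-api"},
     "spec": {"podSelector": {"matchLabels": {"role": "db"}},
              "policyTypes": ["Ingress"]}},
    {"metadata": {"name": "restrict-non-prod-egress"},
     "spec": {"podSelector": {"matchExpressions": [
                  {"key": "env", "operator": "NotIn", "values": ["prod"]}]},
              "egress": [{}]}},
]
PODS = [
    {"metadata": {"name": "db-0", "labels": {"role": "db", "env": "prod"}}},
    {"metadata": {"name": "api-1", "labels": {"role": "api", "env": "prod"}}},
    {"metadata": {"name": "job-x", "labels": {"role": "batch"}}},
]

def selects(selector, labels):
    """Evaluate a label selector against pod labels; {} matches every pod."""
    if any(labels.get(k) != v for k, v in selector.get("matchLabels", {}).items()):
        return False
    for e in selector.get("matchExpressions", []):
        key, vals = e["key"], e.get("values", [])
        if not {"In": labels.get(key) in vals,
                "NotIn": labels.get(key) not in vals,  # absent key also matches
                "Exists": key in labels,
                "DoesNotExist": key not in labels}[e["operator"]]:
            return False
    return True

def policy_types(spec):
    """Explicit policyTypes, else the API default: Ingress, plus Egress if egress rules exist."""
    return spec.get("policyTypes") or ["Ingress"] + (["Egress"] if spec.get("egress") else [])

def coverage(policies, pods):
    """Map pod name -> {direction: [policy names]} for every policy selecting the pod."""
    result = {p["metadata"]["name"]: {"Ingress": [], "Egress": []} for p in pods}
    for pol in policies:
        spec = pol["spec"]
        for pod in pods:
            if selects(spec.get("podSelector", {}), pod["metadata"].get("labels", {})):
                for direction in policy_types(spec):
                    result[pod["metadata"]["name"]][direction].append(pol["metadata"]["name"])
    return result

if __name__ == "__main__":
    for pod, dirs in coverage(POLICIES, PODS).items():
        for direction, names in dirs.items():
            print(f"{pod:6} {direction:8} {', '.join(names) or 'no policy selects this pod'}")
```

A pod with no policy listed for a direction is not isolated in that direction. Being selected by a policy does not by itself show that the cluster's network plugin enforces it.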