how to validate that networkpolicy was applied to specific pod?

2/24/2019

every doc/tutorial says only about how to apply networkpolicy, but none of them tells actually how to validate if your policy was applied, how to do that? any useful tool for networkpolicy mgmt?

-- animekun
kubernetes
kubernetes-networkpolicy

1 Answer

3/14/2019

Thinking of NetworkPolicy resources as Firewall rules in your OS , how can you validate if any firewall rule applied to your applications running in your OS? Only by analyzing Firewall rules and it requires firewall knowledge. So in Kubernetes cluster you can also analyze NetworkPolicy by describing them.

kubectl get networkpolicy
kubectl describe networkpolicy <networkpolicy-name>

You need also understand components of NetworkPolicy such as podSelector, policyTypes such as Ingress, Engress and so on.

For example if your NetworkPolicy podSelector is role=db, you can search your pods matching this label via

kubectl get pods -l 'role=db'

For more information about NetworkPolicy you can check Official Documentation

Also for Label and Selectors check this Documentation

-- coolinuxoid
Source: StackOverflow