I'm struggling with writing a K8s network policy to deny traffic from pod to pod; the pod must be specified by label or name.
Can someone help me?
I'm not a devops/sys admin. And I need this for integration testing. I checked the https://github.com/ahmetb/kubernetes-network-policy-recipes examples. But I still can't do it.
Here is an example that allows access from only one service:
```yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: api-allow
spec:
  podSelector:
    matchLabels:
      app: bookstore
      role: api
  ingress:
  - from:
      - podSelector:
          matchLabels:
            app: bookstore
```
But I need the opposite thing: deny only from one pod.
You should define two network policies as mentioned below.
Here are some good recipes that would be helpful. Follow the link: network policy recipes
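
An added example, not part of the original question or answer: NetworkPolicy rules can only allow traffic, so "deny one pod" is written as "allow every pod except that one" using a `NotIn` label expression. The policy name and the `role: blocked-client` label on the pod to be denied are assumptions made for illustration; `app: bookstore` and `role: api` come from the question's example.

```yaml
# Added example. There is no "deny" rule in NetworkPolicy: once a policy
# selects a pod for Ingress, only traffic matched by some rule is allowed.
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: api-allow-all-but-one        # hypothetical name
spec:
  # Pods being protected (labels from the question's example).
  podSelector:
    matchLabels:
      app: bookstore
      role: api
  policyTypes:
    - Ingress
  ingress:
    - from:
        # A podSelector on its own matches pods in this policy's namespace only.
        # NotIn also matches pods that have no "role" label at all, so every
        # pod in the namespace is allowed except the one labelled below.
        - podSelector:
            matchExpressions:
              - key: role            # hypothetical label on the denied pod
                operator: NotIn
                values:
                  - blocked-client
```

Policies are additive, so any other NetworkPolicy that selects the same pods and allows the blocked pod will let its traffic through again. The cluster's network plugin must enforce NetworkPolicy for this to have any effect.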