I have a situation where I have 3 pods in the same namespace. Let's call them aaa, bbb and ccc.
Meanwhile, NetworkPolicies are set in each of 2 of these to accept and forward traffic; let's say the netpol for aaa is npa and for bbb is npb.
My question is: how can I allow ccc to allow traffic to ingress only from aaa and bbb by only configuring the pod and existing network policies?
You can label the pods and add the network policy as shown below; it should allow traffic from aaa/bbb to the ccc pod only.
Label the existing pods:
kubectl label pod aaa "ns=aaa"
kubectl label pod bbb "ns=aaa"
Network Policy: The network policy below will apply to pod ccc (app: ccc) and will only allow traffic from pods aaa and bbb, which is what is required.
Note: assumed ccc is labelled as app: ccc
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: test-network-policy
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: ccc
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          ns: aaa
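Added example, not part of the answer above: a small Python model of how this policy's ingress rule is evaluated, useful for checking which pods end up allowed to reach ccc before applying it. It assumes a single namespace, `matchLabels`-only selectors and `podSelector` peers, and ignores ports; pod `ddd` and the label sets are constructed sample data.

```python
# Constructed sample data: pod "ddd" and the label sets are assumptions for illustration.
POLICY = {
    "spec": {
        "podSelector": {"matchLabels": {"app": "ccc"}},
        "policyTypes": ["Ingress"],
        "ingress": [{"from": [{"podSelector": {"matchLabels": {"ns": "aaa"}}}]}],
    },
}
PODS = {  # pod name -> labels after the two `kubectl label` commands
    "aaa": {"ns": "aaa"},
    "bbb": {"ns": "aaa"},
    "ccc": {"app": "ccc"},
    "ddd": {"app": "ddd"},
}


def selects(selector, labels):
    """True if every matchLabels pair is present; an empty selector matches all pods."""
    wanted = selector.get("matchLabels", {})
    return all(labels.get(k) == v for k, v in wanted.items())


def ingress_allowed(policies, pods, src, dst):
    """Decide whether src may connect to dst (same namespace, ports ignored)."""
    applying = [p for p in policies if "Ingress" in p["spec"].get("policyTypes", ["Ingress"])
                and selects(p["spec"]["podSelector"], pods[dst])]
    if not applying:
        return True  # no policy selects dst: it is non-isolated and accepts everything
    # Policies are additive: one matching peer in any applying policy is enough.
    for p in applying:
        for rule in p["spec"].get("ingress", []):
            peers = rule.get("from")
            if not peers:  # a rule without "from" allows all sources
                return True
            if any(selects(peer["podSelector"], pods[src]) for peer in peers):
                return True
    return False


def allowed_sources(policies, pods, dst):
    return sorted(s for s in pods if s != dst and ingress_allowed(policies, pods, s, dst))


if __name__ == "__main__":
    print("ccc accepts from:", allowed_sources([POLICY], PODS, "ccc"))
    print("aaa accepts from:", allowed_sources([POLICY], PODS, "aaa"))
```

Because the rule matches on the `ns=aaa` label rather than on pod names, any pod in the namespace that carries that label is admitted, so who may set labels on pods matters as much as the policy itself.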