K
Q

Pod needs the same key label to work with two different network policies

6/14/2021

I have two network policies (one with pod selector app=db and the other with app=proxy) and I have one pod to apply both network policies, the pod config doesn't allow to have 2 different labels with the same key app.

How can I do it in this case without modifying any network policies?

-- sergiotm
kubernetes
kubernetes-networkpolicy
kubernetes-pod

Similar Questions

Errors while creating master in cluster of kubernetes in lxc container
Istio on Kubernetes: pod to service communication doesn't work
kubernetes cronjob and updating a secret
Sonobuoy DNS Tests Fail, failure can't be replicated manually
kubernetes nginx ingress concurrent connections

1 Answer

6/15/2021

If the pod/label/app selector is the only selector in each policy then it's not possible. The net policy probably needs a matchExpressions selector then a new label.

Ingress and Egress rules can supply an array of podSelectors for the network targets, or similar matchExpressions 

spec:
  podSelector:
    matchExpressions:
      - key: role
        operator: In
        values: [ "db-proxy", "db" ]
-- Matt
Source: StackOverflow