I have below namespaces for my app
In backend API pod, there's an init container that will populate the db first
I have below NetworkPolicy (I have deployed calico network provider)
```yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: restrict-db
  namespace: backend-db
spec:
  podSelector:
    matchLabels:
      role: backend-db
  policyTypes:
  - Ingress
  ingress:
  - from:
    - namespaceSelector:
        matchLabels:
          role: backend-api
```
If I apply the network policy after I deployed all the pods it works (API pods can access redis)
But if I deploy the NetworkPolicy first and then deploy the API pod, it fails to initialize with STATUS Init:CrashLoopBackOff
If I describe the init container it has below log
```
Data initializer
2022/02/07 04:33:49 dial tcp 10.43.250.221:6379: i/o timeout
```
Any idea why this is happening?
Deployment yaml for backend API
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend-api
  namespace: backend-api
spec:
  replicas:
  selector:
    matchLabels:
      app: backend-api
      role: backend-api
  template:
    metadata:
      labels:
        app: backend-api
        role: backend-api
    spec:
      containers:
      - name: backend-api
        image: "192.168.8.103:5000/goredis:1.0.1"
        imagePullPolicy: Always
        resources:
          requests:
            cpu: 100m
            memory: 100Mi
        ports:
        - containerPort: 8080
        env:
        - name: REDIS_HOST
          value: redis.backend-db
        - name: REDIS_PORT
          value: "6379"
      initContainers:
      - name: init-myservice
        image: "192.168.8.103:5000/goredisinit:1.0.1"
        imagePullPolicy: Always
        env:
        - name: REDIS_HOST
          value: redis.backend-db
        - name: REDIS_PORT
          value: "6379"
```
backend-db
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: backend-db
  name: redis-master
  labels:
    role: backend-db
spec:
  selector:
    matchLabels:
      role: backend-db
  replicas: 1
  template:
    metadata:
      labels:
        role: backend-db
    spec:
      containers:
      - name: redis
        image: redis
        resources:
          requests:
            cpu: 100m
            memory: 100Mi
        ports:
        - containerPort: 6379
        volumeMounts:
        - name: redis-data
          mountPath: /data
      volumes:
      - name: redis-data
        persistentVolumeClaim:
          claimName: redis-data
```
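
An added example, not part of the original post: a simplified Python model of how the `restrict-db` ingress rule is evaluated, showing that a `namespaceSelector` is matched against the labels on the source pod's Namespace object rather than the pod's own labels. The namespace label sets are constructed, since the post does not show the Namespace manifests; ports and `ipBlock` peers are not modelled.

```python
# Added example: simplified model of NetworkPolicy ingress evaluation.
# Ports and ipBlock peers are not modelled. All label data is constructed.

def selector_matches(selector, labels):
    """matchLabels semantics: every selector key/value must be in labels."""
    return all(labels.get(k) == v
               for k, v in (selector or {}).get("matchLabels", {}).items())

def ingress_allowed(policy, dst_pod, src_pod, ns_labels):
    """True if src_pod may open a connection to dst_pod under this policy."""
    pol_ns, spec = policy["metadata"]["namespace"], policy["spec"]
    selected = (dst_pod["namespace"] == pol_ns and
                selector_matches(spec.get("podSelector"), dst_pod["labels"]))
    if not selected:
        return True  # policy does not select dst_pod, so it does not isolate it
    for rule in spec.get("ingress", []):
        if not rule.get("from"):
            return True  # a rule with no 'from' allows every source
        for peer in rule["from"]:
            ns_sel, pod_sel = peer.get("namespaceSelector"), peer.get("podSelector")
            if ns_sel is None and pod_sel is None:
                continue  # ipBlock peer, not modelled here
            if ns_sel is None:
                ns_ok = src_pod["namespace"] == pol_ns
            else:
                # evaluated against the Namespace object's labels, not the pod's
                ns_ok = selector_matches(ns_sel, ns_labels[src_pod["namespace"]])
            if ns_ok and (pod_sel is None or
                          selector_matches(pod_sel, src_pod["labels"])):
                return True
    return False

# The restrict-db policy from the post, written as a dict
POLICY = {"metadata": {"name": "restrict-db", "namespace": "backend-db"},
          "spec": {"podSelector": {"matchLabels": {"role": "backend-db"}},
                   "policyTypes": ["Ingress"],
                   "ingress": [{"from": [{"namespaceSelector":
                       {"matchLabels": {"role": "backend-api"}}}]}]}}
DB_POD = {"namespace": "backend-db", "labels": {"role": "backend-db"}}
API_POD = {"namespace": "backend-api",
           "labels": {"app": "backend-api", "role": "backend-api"}}
# Constructed namespace label sets (the post does not show them)
NS_UNLABELLED = {"backend-api": {}, "backend-db": {}}
NS_LABELLED = {"backend-api": {"role": "backend-api"}, "backend-db": {}}

if __name__ == "__main__":
    print("unlabelled ns:", ingress_allowed(POLICY, DB_POD, API_POD, NS_UNLABELLED))
    print("labelled ns:  ", ingress_allowed(POLICY, DB_POD, API_POD, NS_LABELLED))
```

On a live cluster, `kubectl get namespace --show-labels` shows the labels that the selector is actually compared against.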